From owner-freebsd-security Mon May 20 18:12:27 2002 Delivered-To: freebsd-security@freebsd.org Received: from softweyr.com (softweyr.com [65.88.244.127]) by hub.freebsd.org (Postfix) with ESMTP id A8FDE37B408; Mon, 20 May 2002 18:12:19 -0700 (PDT) Received: from nextgig-9.customer.nethere.net ([209.132.102.169] helo=softweyr.com) by softweyr.com with esmtp (Exim 3.35 #1) id 179yCI-000K8M-00; Mon, 20 May 2002 19:12:18 -0600 Message-ID: <3CE99EEC.49EF91E2@softweyr.com> Date: Mon, 20 May 2002 18:12:12 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.4.2 i386) X-Accept-Language: en MIME-Version: 1.0 To: "Crist J. Clark" Cc: Maxim Sobolev , dsyphers@uchicago.edu, developers@FreeBSD.ORG, security@FreeBSD.ORG, nectar@FreeBSD.ORG Subject: Re: Is 4.3 security branch officially "out of commission"? References: <3CE8C3E2.EBF4EC8F@FreeBSD.org> <200205201008.g4KA8uKl000787@midway.uchicago.edu> <3CE8D057.BEA07F0@FreeBSD.org> <3CE93084.7C6ADAFF@softweyr.com> <20020520115715.E1468@blossom.cjclark.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Crist J. Clark" wrote: > > On Mon, May 20, 2002 at 10:21:08AM -0700, Wes Peters wrote: > > Maxim Sobolev wrote: > > [snip] > > > > What is the official procedure when somebody not from the security > > > team want to maintain older releases? For example, as I said there is > > > significant push from the local community to merge recent security > > > fixes into older releases, so that it is likely that they could > > > provide to me with tested patches for older releases they are > > > interested in. May I merge them into 4.3 security branch without my > > > commit bit being suspended for inappropriate MFCs into security > > > branch? > > > > Once you've obtained the permission of the security officer, you may > > commit any change to a _RELEASE tag. > > ITYM, "you may commit any change to a RELENG_4_? branch." A *_RELEASE > tag should never ever, ever be touched. Yes, that is EXACTLY what I mean. Thanks for catching this, Crist. > But to repeat, you just need an, > > Approved by: security-officer@ > > On any commits to a RELENG_?_? branch. (Not to confuse things, but re@ > can also approve non-security changes that are deemed critical > bug-fixes to these branches.) I suspect anything that has a local or remote exploit, or that removes a crash, will be OK'd as well. We're all in agreement this is a good idea that just needs some manpower. I'm certain we'll also agree that Maxim stepping up to handle RELENG_4_3 is a Very Good Thing. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message