Date: Sun, 2 May 2004 11:59:27 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
To: Roman Neuhauser <neuhauser@chello.cz>
Cc: Kris Kennaway <kris@obsecurity.org>
Subject: Re: FreeBSD Eol's?
Message-ID: <Pine.NEB.3.96L.1040502115506.3567A-100000@fledge.watson.org>
In-Reply-To: <20040426085808.GC29998@isis.wad.cz>

On Mon, 26 Apr 2004, Roman Neuhauser wrote:

> # colin.percival@wadham.ox.ac.uk / 2004-04-24 14:39:57 +0100:
> > At 14:22 24/04/2004, Kris Kennaway wrote:
> > >4.8 passed its expiry date and was extended. 4.9 will probably be
> > >extended at a later date too.
> >
> > Looks like Kris got a bit confused here. :-)
> >
> > The idea behind the extended support branches is that *selected*
> > releases will be supported for at least 24 months; this allows us to
> > offer extended support to people who can't upgrade on a regular basis,
> > while keeping the number of supported branches to a manageable level.
> > We haven't yet decided which future branches will qualify for
> > extended support, but it is quite unlikely that this set would include
> > FreeBSD 4.9.
>
> How are the extended-support branches chosen?

The plan is still in the works, but I suspect it will look something like
this: starting with the second or so release on a -STABLE branch, every
third or fourth release will be designated for extended support. We don't
have the resources to make every release live forever, but we can invest
the resources we do have in keeping selected and particularly successful
releases going for an extended period of time.

That said, there are some hard questions to answer: RELENG_3 eventually
dropped out of support because patching security vulnerabilities became
difficult as a result of changed APIs being required to fix the
vulnerabilities. For example, substantial weaknesses were present in the
ncurses version in RELENG_3, and patching the vulnerabilities would have
been very time consuming and difficult. In RELENG_4, we had an upgraded
ncurses, but in RELENG_3 that would have required modifying every consumer
of ncurses as well (top, systat, vi, ...). I think we're better placed
with our 4.x releases than 3.x because security has become much more of a
focus for the writers of utility libraries and common dependencies.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research