Date: Fri, 3 Oct 2003 19:17:50 -0700 From: Will Andrews <will@csociety.org> To: Barney Wolff <barney@databus.com> Cc: current@freebsd.org Subject: Re: [security-advisories@freebsd.org: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:17.procfs] Message-ID: <20031004021750.GX72999@procyon.firepipe.net> In-Reply-To: <20031004021041.GA33705@pit.databus.com> References: <20031004014527.GB32411@pit.databus.com> <20031004015404.GW72999@procyon.firepipe.net> <20031004021041.GA33705@pit.databus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 03, 2003 at 10:10:41PM -0400, Barney Wolff wrote: > Does this mean that the situation can ever arise where a security bug > is corrected in the advisory's announced releases but not in -current? > Or, can we assume that as of the time of the security announcement > the vulnerability has *always* been corrected in -current? No. Yes. The rule is that changes are always committed to -CURRENT first, unless they do not apply. This rule is rarely broken in FreeBSD, and certainly never broken for security issues. Regards, -- wca
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031004021750.GX72999>