Date: Thu, 13 Aug 2015 20:40:23 +0000 From: Glen Barber <gjb@FreeBSD.org> To: Mason Loring Bliss <mason@blisses.org> Cc: freebsd-security@freebsd.org Subject: Re: Quarterly packages and security updates... Message-ID: <20150813204023.GJ24069@FreeBSD.org> In-Reply-To: <20150813202007.GC4093@blisses.org> References: <20150813202007.GC4093@blisses.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--j+MD90OnwjQyWNYt Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable [info@ removed, not sure why that email address was included.] On Thu, Aug 13, 2015 at 04:20:08PM -0400, Mason Loring Bliss wrote: > A recently quarterly report: >=20 > https://www.freebsd.org/news/status/report-2015-04-2015-06.html >=20 > and last week's BSD Now episode both hint that quarterly packages will be= the > default for 10.2. I just looked, and sure enough: >=20 > https://svnweb.freebsd.org/base/releng/10.2/etc/pkg/FreeBSD.conf?view= =3Dmarkup >=20 > So, my issue here is that I run quarterly branches, and they are awful in > terms of security updates. With FreeBSD 10.2 imminent, are we expecting u= sers > to install vulnerable versions of things like Firefox right off the bat, = and > then wait for whatever fixes exist at the time the next quarterly branch = is > cut? >=20 The reason this change was made is because the quarterly package set receives less intrusive updates, but it does still receive security updates. This is documented in the 10.2-RELEASE release notes, which also shows how to change back to the 'latest' branch, if you so desire. https://www.freebsd.org/releases/10.2R/relnotes.html#releng-changes Glen --j+MD90OnwjQyWNYt Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVzQC3AAoJEAMUWKVHj+KTMkwQAIvJ53QFGWywCGrqld0obLFC MKFNDhCUjpfu5JttkKJClxNDIdB2mtyeq8ZezGgyxk5JldkbinYlGl/b0XYjW32z 2+DVnTtlj9QPJxuns5/hCnGslruzH27SOcA86TxfrR0tkzGchRimUg9qwOfhofad jCnjqfVfIt/e3gga0mZZrpdBHPGOVMnaXY8TkYHaIP8ZD/wwEjh9NAi7A84ljBrX s9WpDSYGIx13zrllmu7S3gde1O2eKoGImKX/ni61r+4/NUH8D4d6AhoQc6ruW/u/ /xSEm8p88bZK7l9qyuNifkHl/XtBEJrN+bWd1G9Rj4fuERCVKvSvvRHl8U0AXjNv Nmn7PdCxc464lpob/MbyqdXNZ5QeUw0Hcn1t3nBsiNGeY2rj++WP7zT7MT3QnyQ+ iN1toaX+dEeZxPJCzqLCprohUKVMOR78buZL1O19p/3WR0dqszOmGnjqfGTo2000 PA7UHdjEcI9tUnERtJAyFv3F1TJNHzeB2A6HjQJvx/AjAoSeZWhfVh4YNCg4QJxl L+Q2vvFgm/X3NeoKfHiz36AMbiPHC05SGtP6yH7IFRPOttOZjrBe1oIYu37o9aMD xwkUu/zkOZsuxbxN+PltwZZ9oDH/VTtUiQQk+TWdHheO6HLSSeXQOYSgDymnGhZ/ L/AUI4d3+VRxiLfntxPY =IVdi -----END PGP SIGNATURE----- --j+MD90OnwjQyWNYt--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150813204023.GJ24069>