Date: Fri, 26 Apr 2002 22:56:26 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: "Drew Tomlinson" <drew@mykitchentable.net> Cc: "Julian Elischer" <julian@elischer.org>, security@freebsd.org Subject: Re: RELENG_4_4 Message-ID: <26251.1019854586@axl.seasidesoftware.co.za> In-Reply-To: Your message of "Fri, 26 Apr 2002 09:12:42 MST." <002d01c1ed3d$32272a20$6e2a6ba5@lc.ca.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 26 Apr 2002 09:12:42 MST, "Drew Tomlinson" wrote: > Instead of calling it an "upgrade", call it a system "patch". It just > so happens that the RELENG_4_5 "patch" will ensure that the OS is up to > date on security issues and more! :) Just so that misinformation isn't spread, please note that the "and more" in your paragraph isn't true. The RELENG_4_5 branch is strictly for security fixes. The reason I'm confident saying this is that I once tried to have what I thought was an important bugfix merged onto RELENG_4_4 and my request was rejected, not on the grounds that the bugfix wasn't important, but rather on the grounds that it did not address a security concern. At the time, I was very annoyed, but I've come to see the wisdom in the RELENG_x_x branches. They allow system architects to address security concerns without accepting any new features or bugfixes, which have the theoretical potential to introduce new problems of their own. If I've designed, tested and deployed a system that works, it's possible that I'd rather lose out on bugfixes because I think it's unlikely that I'll need any of them, and I'd rather just pick up security fixes. For folks in that situation, the RELENG_x_x branches are ideal, and the security team should be commended for maintaining them. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?26251.1019854586>