Date:      Sat, 7 Oct 2000 18:51:23 -0400 (EDT)
From:      Robert Watson <rwatson@FreeBSD.ORG>
To:        "Jeffrey J. Mountin" <jeff-ml@mountin.net>
Cc:        "Matthew D. Fuller" <fullermd@futuresouth.com>, Jordan Hubbard <jkh@winston.osd.bsdi.com>, John Baldwin <jhb@FreeBSD.ORG>, freebsd-security@FreeBSD.ORG, cvs-committers@FreeBSD.ORG
Subject:   Re: Stable branch
Message-ID:  <Pine.NEB.3.96L.1001007184421.85778A-100000@fledge.watson.org>
In-Reply-To: <4.3.2.20001007161924.00b72460@207.227.119.2>


On Sat, 7 Oct 2000, Jeffrey J. Mountin wrote:

> >I think it might actually be easier to suck up and branch each release,
> >and stick security fixes on the branch, than to shoot this idea down
> >every few months for the rest of our lives   ;)
> 
> Then you might want to consider doing all the extra work involved in such a 
> scheme or buy a lot of gifts for those that must then commit to 6 branches 
> for 3.x and 3 (so far) for 4.x, etc.  You seem to have completely missed 
> Jordan's point this time and his previous point on wishing that committers 
> were better at merging stuff back from -current.

You seem to misunderstand.  No one is asking the majority of committers to
commit to the release branches--in fact, that was specifically
*prohibited* in the recommendation of a branch for each release.  These
branches would only exist for the purposes of release-related activity
(modify the version numbers in the release branch, not the -STABLE
branch), emergency back-ports during and immediately after the release
itself, ERRATA entries for the release, and for security bugfixes.  No new
features. No new documentation work.  Show stopper fixes only.

This is for people who want to use a release, and have it be secure and
work, not for people who want to sit on -STABLE.  And if people who
backport to -STABLE do any kind of decent reviewing job, and there's an
adequate code freeze prior to the release branchpoint, then commits to
-RELEASE branches should be *very* infrequent.  Each commit (or set of
related commits) on the -RELEASE branch would probably be designated a
resulting patch level so that binary updates could be built based on it,
constituting the binary update related to the security fix.  The point of
this branch is to allow our standard version control and distribution
mechanisms to provide access to a version-controlled release patchlevel
system.

  Robert N M Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services


