Date: Mon, 2 Oct 2000 17:10:49 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Nate Williams <nate@yogotech.com> Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>, James Wyatt <jwyatt@rwsystems.net>, Brett Glass <brett@lariat.org>, "Chris D . Faulhaber" <jedgar@fxp.org>, security@FreeBSD.org, asmodai@FreeBSD.org Subject: Re: ftpd bug in FreeBSD through at least 3.4 Message-ID: <Pine.NEB.3.96L.1001002162322.63580K-100000@fledge.watson.org> In-Reply-To: <200010021944.NAA18121@nomad.yogotech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2 Oct 2000, Nate Williams wrote: > > >> >>3.4 is a dead branch, 2.x even more so. > > >> > > > >> >People are still running it 3.x, though. LOTS of people. > > >> > > >> Doesn't change the fact that it's a dead branch. > > > > > >Doesn't change the fact that "LOTS of people" are still running it... > > >Geez, what a curt, rude, throw-your-hands-up answer. > > > > > >Are you saying that if we found a terrible bug (not this easy one) > > >somewhere critical in 3.5.%d, we'd all have to immediatly upgrade? - Jy@ > > > > Yes, I am saying that. > > FWIW, I agree with Poul. We don't have the resources to support > anything but '-stable', so if have an older release and need a bug-fix, > you're forced to support yourself (ie; provide a bug-fix on your own), > or you must upgrade to the most recent '-stable' bits. I guess I have mixed feelings on both sides of the argument here: it's clearly the case that dropping support for a branch within a few months of a release on it is undesirable. However, it's also the case that resources are very constrained towards providing continuing support. It is the case that, at least for security fixes, they can and should be backported wherever feasible. Recently, Jeroen Ruigrok van der Werven <asmodai@FreeBSD.org> has been doing some work to backport incremental improvements to the 3-STABLE branch to ensure that it at least remains usable. I think it is too early to write off 3-STABLE as there is a huge install base for the branch, and many products based on it. We don't even have a native Netscape build for 4-STABLE yet :-). I think it is fine to assert that no new feature development is occuring there, however. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1001002162322.63580K-100000>