Date: Wed, 4 Dec 1996 17:48:12 -0600 From: Richard Wackerbarth <rkw@dataplex.net> To: Nate Williams <nate@mt.sri.com> Cc: freebsd-security@freebsd.org Subject: Re: Sendmail 8.8.4 questions... Message-ID: <l03010900aecbbc5ad4e9@[204.69.236.50]> In-Reply-To: <199612042334.QAA12288@rocky.mt.sri.com> References: <l03010900aecbaaf1bdaa@[204.69.236.50]> <199612041958.NAA21344@alecto.physics.uiuc.edu> <199612041951.MAA11333@rocky.mt.sri.com> <199612042058.NAA11575@rocky.mt.sri.com> <l03010900aecbaaf1bdaa@[204.69.236.50]>
next in thread | previous in thread | raw e-mail | index | archive | help
>Richard Wackerbarth writes: >> >That would be 2.1.6.1. And, it's a good release except for bugs that >> >weren't known about until *after* it was set in stone such as the >> >sendmail bug. >> >> And a very few changes have been committed since then. > >I don't think so. Changes have been committed since 2.1.6, but not >since it was frozen. WRONG! Look at the ctm updates in the archive. They are triggered by SOME change in the CVS tree for the 2_1_0 tag. >> IMHO, such security problem patches SHOULD get committed to the 2.1 tree >> UNTIL 2.2 has proven itself. Since 2.2 is just now in "beta", I would guess >> that might be around March, 1997. > >Huh? 2.2 is going to be released *long* before that time. In order for >it to 'become' proven, it has to be used. If people aren't willing to >test it then it'll never be 'stable'. I agree. However, until it IS proven, we still need a reliable system for "mission critical" assignments. Those need to get "security" fixes. >2.1.* is dead in my mind, and I suspect many others. It lived long past >it's usefulness in the developers mind. That is a "developer's" attitude. If we wish to really have FreeBSD used in commercial environments, we need to adopt more of a "user's" attitude. I'm not advocating ANY changes other than SECURITY fixes at this point. I would hope that the same sendmail that works in 2.2 also works in 2.1.6+. If we need to test that before committing, I'll do so.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?l03010900aecbbc5ad4e9>