Date: Wed, 1 Aug 2007 15:15:52 -0500 From: Jeffrey Goldberg <jeffrey@goldmark.org> To: Doug Barton <dougb@FreeBSD.org> Cc: Zbigniew Szalbot <zbigniew@szalbot.homedns.org>, "A.G. Russell IV" <arussell@bifrost.hos.net>, Freebsd questions <freebsd-questions@freebsd.org> Subject: Re: Waiting for BIND security announcement Message-ID: <60BEAECB-C72A-46B3-90D7-F3AB8778605D@goldmark.org> In-Reply-To: <46B0DB5F.4020401@FreeBSD.org> References: <499c70c0707260136hea82f27s87dfa53432d0e409@mail.gmail.com> <94c6ae7ae570814564d364bfe9aad8ea@szalbot.homedns.org> <20070801030504.GA3773@bifrost.agrussell.com> <426DE541-FB51-44FF-B7F4-B34E0F9A7861@goldmark.org> <46B0DB5F.4020401@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 1, 2007, at 2:13 PM, Doug Barton wrote:
> If you want to stay as close as possible to 6.2-RELEASE but also
> include the fixes that the security officer deems important enough to
> release widely, use the tag RELENG_6_2 (usually in your supfile for
> cvsup or csup). If you want the latest code for 6-stable, which will
> eventually become 6.3-RELEASE, use just RELENG_6.
Thank you. I wasn't clear in my original message. I meant to talk
about RELENG_6_2 which is what I meant when I said "6.2 Release with
patches". But I fully acknowledge that while I've used RCS for ages,
I still don't fully grok branches and trunks (or HEADs in CVS), so I
do state things badly and can always use the reminder of how things
work.
Anyway, I was disappointed that the BIND fix didn't make it into
RELENG_6_2.
But ...
> When it comes to BIND stuff in particular, I always update the ports
> first, so anyone with a mission critical DNS operation can get fixes
> ASAP. There is even an option in the port to overwrite the base BIND
> if you so desire.
Ah-ha. That makes a big difference. OK. If I'm going to expose my
name server to the big bad world while tracking RELENG_N_M ("release
with patches") I'll use bind from ports.
Are there other things in /usr/src/contrib that follow this pattern?
> hth,
Yes, it helps a great deal. Thank you very much for your work on
this and your patience with me.
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60BEAECB-C72A-46B3-90D7-F3AB8778605D>