From owner-freebsd-security Wed Apr 11 12:15:13 2001 Delivered-To: freebsd-security@freebsd.org Received: from bluenugget.net (skin-flute.com [64.3.150.188]) by hub.freebsd.org (Postfix) with ESMTP id 9DB6737B422; Wed, 11 Apr 2001 12:15:09 -0700 (PDT) (envelope-from geniusj@bluenugget.net) Received: from bluenugget.net (localhost.com [127.0.0.1]) by bluenugget.net (Postfix) with ESMTP id 27C3213642; Wed, 11 Apr 2001 12:16:29 -0700 (PDT) Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary To: bmah@FreeBSD.ORG From: Jason DiCioccio Cc: sjohn@airlinksys.com, freebsd-security@FreeBSD.ORG, Jason.DiCioccio@Epylon.com X-Originating-Ip: 63.93.9.98 MIME-Version: 1.0 Reply-To: Jason DiCioccio Date: Wed, 11 Apr 2001 11:16:29 PST X-Mailer: EMUmail 4.5 Subject: Re: Security Announcements X-Webmail-User: geniusj@bluenugget.net Message-Id: <20010411191629.27C3213642@bluenugget.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 11 Apr 2001 12:06:53 -0700 bmah@FreeBSD.ORG wrote: > If memory serves me right, Jason DiCioccio wrote: > > > And how would I know which day/time was considered reasonably > bug-free. > > I do not know of any webpages or anything that tell you this, > > Read -stable (you are doing that right?). I care more about how > machines work in my own environment that what some Web page says. > Yes. But of course the -STABLE/CURRENT branches change by the second. However you clear this up below. > You mentioned the hypothetical case of someone running -STABLE on boxes > that needed to be "up at all times". Tell me that this someone would be > willing to drop a new version of *any* operating system on > mission-critical machines without testing on their own scratch machines > first. ~20 lines of code (for example) in a patch is a lot easier to go through (and to trust as a result) than the many more lines involved in a diff between 2 snapshots (moving targets) of a branch that are, say, 1 month apart. > > > nor does > > any given time in the -STABLE branch get as much testing as a -RELEASE.. > > For people who need version of FreeBSD that's been though testing > (and there is nothing whatsoever wrong with that), well, they should be > running -RELEASE. There's been a lot of discussion as to how to deal > with the issue of security updates to -RELEASEs, and the message that > rwatson recently posted outlines the result of that discussion. I > think this is going to solve a lot of problems, even though it's going > to create more work for those who make advisories and patches. Yes, I definitely like the new branch tag idea in 4.3. :-) It definitely clears up a lot of my concerns.. Cheers, -JD- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message