versions and up-to-date...

[freebsd at critesclan.com]

This is not really a security related issue, but since we're talking about
releases and such, it kind of ties in. I do a CVSup every week, using the
"tag=." method. It is my assumption that I am getting the
latest-and-greatest version, so I'm on the bleeding edge of the 5.X system.
Is that correct? Further, I assume that as soon as any security patch is
available, I will get it as well, since I'm keeping up-to-date with the
latest-and-greatest.

So are my two assumptions correct?

Thanks muchly...

Lee

-----Original Message-----
From: owner-freebsd-security at freebsd.org
[mailto:owner-freebsd-security at freebsd.org]On Behalf Of Peter Pentchev
Sent: Thursday, 07 August 2003 07:57
To: Francisco Reyes
Cc: Jacques A. Vidrine; FreeBSD Security List
Subject: Re: Checking realpath file up to date

On Thu, Aug 07, 2003 at 08:50:56AM -0400, Francisco Reyes wrote:
> On Wed, 6 Aug 2003, Jacques A. Vidrine wrote:
>
> > Sounds like you cvsup'd RELENG_4, not RELENG_4_8.
>
>
> I went back to the handbook to read the difference between these two.
> If I understand correct RELENG_4 is basically the latest of the 4.X
> branch. The RELENG_# are basically only security patches for a particular
> 4.# release. Do I understand it correctly?

If you meant RELENG_4_# where you said RELENG_#, then yes, this is
correct.  The RELENG_4 branch was not affected, since shortly after
FreeBSD 4.8-RELEASE was out, a new version of realpath(3) was imported
into the tree, and it did not have this problem.

Thus, if you have a reasonably recent -STABLE (you seem to, since you
mention realpath.c rev. 1.9.2.2), there's nothing to fear - not for
this problem, at least.

G'luck,
Peter

--
Peter Pentchev  roam at ringlet.net    roam at sbnd.net    roam at FreeBSD.org
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
I am the meaning of this sentence.