kris at obsecurity.org
Sun Aug 24 10:47:59 PDT 2003
On Sun, Aug 24, 2003 at 10:38:49AM -0700, Colin Percival wrote:
> At 10:14 24/08/2003 -0700, I wrote:
> > Either I'm missing your point, or you're missing my point. There are
> >five release branches now which are "not officially supported", but I
> >have yet to see any circumstance where they have, in fact, not been
> >supported. If those branches were not being supported because people
> >were too busy to support them, I'd understand perfectly; but as far as I
> >can see, those branches *are* being supported.
> Oops. As hawkeyd at visi.com has just pointed out to me, I didn't look far
> enough; SA-03:01, :02, :03, :05, and :06 didn't have official patches for
> the unsupported branches.
Yep. In many cases the security team will go "beyond the call of
duty" to fix problems in non-supported releases, but it comes down to
factors like how significant the hole is, how easy the patch is to
backport and how motivated security-officer is to fix it for
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030824/65d5ddf3/attachment.bin
More information about the freebsd-security