Wilko Bulte wrote: >On Sat, Dec 17, 2005 at 01:54:34PM -0800, Joe Rhett wrote.. > > >>On Fri, Dec 16, 2005 at 12:04:05AM -0700, Scott Long wrote: >> >> >>>There will be three FreeBSD 6 releases in 2006. >>> >>> >>While this is nice, may I suggest that it is time to put aside/delay one >>release cycle and come up with a binary update mechanism supported well by >>the OS? Increasing the speed of releases is good. Increasing the number >>of deployed systems out of date because there are no easy binary upgrade >>mechanisms is bad. >> >>It has been bad, it's getting worse. >> >> > >So, when will you fix it? Or hire someone to fix it? FreeBSD after >all is mostly a volunteer operation. > > > I agree. And after all, tracking a security branch isn't too difficult, but the most people think that they have to do a complete "make buildworld" after a security advisory, but this isn't true. For example there was that cvsbug issue in September: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc One can read here: b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/gnu/usr.bin/cvs/cvsbug # make obj && make depend && make && make install # cd /usr/src/gnu/usr.bin/send-pr # make obj && make depend && make && make install Is that difficult? I don't think so. No reboot required and it doesn't take more than 5 minutes even on a slower machine. Only the vulnerabilities in the kernel are problematic for servers, since they require a reboot. I think I'll submit a PR with a patch to clarify this in Handbook. Do you consider this useful? Regards, Gabor KovesdanReceived on Sat Dec 17 2005 - 21:35:45 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:49 UTC