HEADS UP: Name change committed

Matthew Dillon dillon at apollo.backplane.com
Wed Nov 19 09:26:44 PST 2003


:I belive that having a security maintained branch is quite worth it
:and should be considered. Once you announce a release, which is -
:hopefully - rock stable and well crafted, users will want to get this
:release with security fixes until you announce the next one. To
:maintain security fixes a branch is (IMO) the easiest way.
:
:Think of all the confuses you will run into when you find something
:security related in the third revision (since release) of some API.
:You will have to alter the tag for quite a few files in order to make
:the fix available to users. This will look strange to the average user
:and might distract from DragonFly. The normal sysadmin wants to
:understand a security update in whole.
:
:-- 
:Best regards,
: Max                          mailto:max at xxxxxxxxxxxxxx

    This is very true.  Still, it does not necessarily mean that one
    has to branch the primary release.  That is, instead of branch before
    the release as FreeBSD does we could instead put the release tag on the
    root branch.  This leaves open the possibility of simply slipping
    the tags for security fixes, snafus, and minor fixups that occur just
    after a release rather then having to do multiple commits.  One could
    branch, say, 30 days after the release.

    I think that would make developers jobs a lot easier because the vast
    majority of minor fixes and adjustments will not have any other comitted
    cruft in between the release tag and the fix.

					-Matt
					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>





More information about the Kernel mailing list