Re: How to keep kernel up-to-date with Security/Errata Fixes?

[Dragronfly Kernel List User <Fly_Dragon_Fly@xxxxxxxxxxx>]

On Sat, 25 Mar 2006 22:13:27 -0500 (EST)
"Justin C. Sherrill" <justin@xxxxxxxxxxxxxxxxxx> wrote:

> ...
>
> There's a bit more detail here:
> http://www.shiningsilence.com/dbsdlog/index.php/2004/05/07/381.html
> 
> Commits to a release tag (even numbers) are either immediate security
> fixes, like the recent Sendmail vulnerability, or something that's
> already been tested out in Preview (odd numbers) or, rarely, the most
> recent code.
> 
> The Preview version ends up being a sort of release candidate; it has
> to be relatively stable for a while before a Release tag can be
> done.  Along the same lines, Preview only changes when the current
> code has been relatively trouble-free, and there's no major work
> going in.  These different versions are tagged in CVS, not branched,
> so it isn't an exact match to FreeBSD methods.
> 
> So, while there is not a freeze/candidate cycle, there is a settling
> period for new features that is comparable.  Given the small, tight
> nature of the committing group, a formal process hasn't been needed
> to keep things "quiet" before releases, so far.
> 
> Anecdotally, I've been running Release versions on shiningsilence.com
> for a long time, now, and had zero issues.
> 

Thank you Justin.

Now it makes sense.  My confusion arose from trying to understand
Dragonfly's release mechanism from a FreeBSD user's perspective --
instead of trying to understand it for itself.

As I said, I am pleased with my trial so far and will probably install
it on a production server when the 1.4.4 tag is released.

Thanks again to you, Matt and Sascha for your patience and wisdom.