FreeBSD 4.6.2 Released

MobyTurbo writes: "FreeBSD 4.6.2 has been released. It primarily cures a few security problems in the 4.6 release. If you are impatient it will be available at various mirrors, or upgrade your existing FreeBSD installation via cvsup, or support the FreeBSD project by purchasing it at a vendor that supports the FreeBSD project."

Other vendors

[Arandir]

support the FreeBSD project by purchasing it at a vendor that supports the FreeBSD project.

Other vendors include DaemonNews/BSDMall, and Hinner EDV.

Re:Crap :(

[MobyTurbo]

Blockquoth the poster:

..meanwhile, I'm downloading netbsd.

According to a previous Slashdot story, NetBSD version 1.6 is expected *very* soon, it's already at the release candidate stage, so perhaps you haven't avoided avoided downloading a version of BSD too soon either. :-)

Keep in mind however that even if you have download a version of FreeBSD (maybe the same is true for Net) too soon, you can cvsup to the latest -RELEASE or -STABLE without much of a hassle; and 5.0-CURRENT if you want to be on the alpha/beta version edge.(Since I'm tracking -STABLE I don't need to download anything to upgrade; I already am running a system similar to 4.6.2 if not somewhat more cutting edge.)

Hmm, *BSD is releasing new versions. It must not be "dead" after all. ;-)

Re:Java???

[Ded+Bob]

Even better, here is a recent progress report: report

Re:Where did 4.6.1 go?

[Beetjebrak]

set your cvs tag to 4_6_1 and cvsup your sources. You'll get 4.6.1 don't worry, it was there.. be it for a very short while and as far as I can tell not really worthy of a point release. Why not just stick to 4.6-RELEASE and bump up the patch level all you want until 4.7-RELEASE?? (I know 5.0 probably should come out before 4.7 but hey.. who knows..)

Re:Where did 4.6.1 go?

[MavEtJu]

During the first and second RCs of 4.6.1 a couple of more problems regarding security came up and it would be a bad idea to release something with known problems (actually the reason why 4.6.1 was going to be released). That's why it was delayed with a month (I believe).

Re:Where did 4.6.1 go?

[mosch]

You can get 4.6.1, you just wouldn't want to, because then you'd have to apply 11 patches to get it to 4.6.1-p11, then one more to get it to 4.6.2. They didn't make a big public announcement because of the number of major issues that came up right after it was created (OpenSSL and such) and because of some bugs that turned out to be not quite fixed.

Re:Tracking -RELEASE with cvsup

[bugg]

I'd like to be able to keep on top of the latest security releases

The RELEASE tag is only slid for security fixes that come out after the release tag is initally laid and before the CDs are gold. In other words, if you really want to keep on top of security issues, you should be tracking -STABLE; but of course with this comes no express or implied guarantee that your tree will build, that everything will work properly, etc. But thankfully, -STABLE tends to be pretty much just that, STABLE, with few exceptions. If you're concerned about the latest security patches, either update STABLE every time there is a security advisory, or apply the patches from -STABLE to your release tree, but that's probably not worth the time. So -STABLE tends to be the best in terms of having security patches applied, but on a colocated box you could run into issues setting it to upgrade automatically (in the rare, but possible event -STABLE is fubared when you cvsup) - but unfortunately you can't have it every way- there's no way to have a guarantee of successful working automatic builds with all of the security patches. That's pretty much true with any OS.

But you didn't ask that, you asked how to get -RELEASE sources. Open up your supfile and set the tag to RELENG_4_6_2_RELEASE in this case (or RELENG_4_6_0_RELEASE for 4.6, or RELENG_4_0_0_RELEASE for 4.0, etc.)

Have fun!

Re:Tracking -RELEASE with cvsup

[shlong]

Tag slides are not how security issues are tracked in FreeBSD. True, they are used when last minute changes are needed before a release. However, branches are made with every major release, and security fixes are applied to those branches. If you track the RELENG_4_6 tag, you will get all the security patches for 4.6.x. These branches are often maintained for a year or more, even after newer releases have come out. So, to answer the previous posters' question about how to track FreeBSD 4.6 + ports, here is a cvsup file to use:

*default host=cvsup14.freebsd.org
*default base=/usr
*default prefix=/usr
*default release=cvs tag=RELENG_4_6
*default delete use-rel-suffix
*default compress
src-all
ports-all

Re:Where did 4.6.1 go?

[Geekboy(Wizard)]

The OpenSSH bug was found the day before 4.6.1 was supposed to come out (or something like that). So they decided to scrap 4.6.1, and add the OpenSSH fixes, and back port more fixes from -current while they did the testing for it.

Re:Tracking -RELEASE with cvsup

[elbuddha]

Use the RELENG_4_6 tag in your cvsup file to stay on the 4.6-release branch, of which 4.6.2-release is a part.

Be sure to check out Chapter 20 of the FreeBSD Handbook, especially the sections on Synchronizing Your Source and Using make world. Also read the top of /usr/src/Makefile

The real trick is going to be doing the upgrade to a remote server. Since you can't really drop to single user mode you'll have to do the installworld, installkernel, and mergemaster on a live system. Make sure your kern.securelevel is at -1 for that (you can always raise it back up afterwards). You may even want to go through the process on a spare box in front of you before attempting to do so remotely.

Re:XFree86 3-4

[wabb1t]

As the prevoius answer stated, remove /usr/X11R6 and /etc/X11 and /etc/XF86Config.

But be sure to also remove all ports that might have installed stuff under /usr/X11. I just tested this (will give you a few unimportant errors), but YMMV:

(use some bourne shell, like /bin/sh or bash)
cd /var/db/pkg
for i in *; do if grep -q '^@cwd /usr/X11R6' $i/+CONTENTS; then echo $i;fi;done > ${HOME}/packagelist

Then remove those packages in ~/packagelist
After this, just install /usr/ports/x11/XFree86-4, and reinstall the ports/packages you need.

HTH

Re:ya

[OrangeSpyderMan]

To any trolls underneath this post that are actually interested in whats really under the hood of OS-X...

If they are interested in what it is, they should stear clear from your explanation.

Yes, OS X is heavily based on Mach, but it's not a "pure" microkernel.

No, Mach is not a "pure" microkernel. And OS-X isn't a ukernel at all, it's an OS. AFAIK, Darwin provides the kernel functionality using a single-server on a microkernel. OS-X runs on top of Darwin, and provides most of the userland functions (GUI, most notably).

Check GNU/Debian

That would be GNU running on Debian, as GNU/Linux is GNU running on Linux? I think you mean Debian GNU/Hurd or GNU, though your description of what it is suggests that as far as microkernels go, you don't know shit from rusty ice-cream.

UNIX server running under the HURD mk

First point, a server runs on top of an 'mk', not under it.

The Hurd (not HURD, Hurd or whatever) is actually a number of servers running on a microkernel (at the moment GnuMach, but also L4 projects exist). Contrary to Darwin and MkLinux which are mono-server implementations (ie one large server running on a ukernel), the Hurd has a number of servers running on a ukernel that attempt to provide POSIX functionality. The Hurd is simply not UNIX (as in GNU is not UNIX). As you correctly point out, monoserver implementations of microkernels don't add a great deal of anything except hardware abstraction compared with a monolithic UNIX kernel. The hardware abstraction was the reason why Apple initially liked MkLinux, as it allowed Linux to run on their machines without them having to give away precious info about how they worked.

These are just the blatant mistakes, I'll leave people who aren't too tired, late or lazy to do real research to fine tune this and the other stuff.