Quote:
Originally Posted by guitarscn
...for security/stability purposes, is it best to just run -Release until the next -Release version, or would running with -Stable be a good choice?
|
Your question is basically asking what are the differences between
-release &
-stable.
- -release is static. Once the CVS tree has been formally tagged, the files associated with -release for that particular version will never change. Ever.
- Any patches made are checked into the -stable branch. Checking out the CVS tree at any particular moment will get the most up-to-date patched version of -release. This would lead one to believe that:
-stable = -release + published patches
There was a time when the FAQ mentioned a caveat saying that -stable may additionally contain some minor changes which were considered insufficiently worthy of a published patch for -release. This implied:-stable + minor patches >= -release + published patches
This caveat was removed from the FAQ several releases ago. Although I cannot prove it, I suspect it is fair to assume that this is still the case. Do these minor patches have security/stability implications? Probably not. Most can probably be deemed cosmetic.
As for recommending whether one should run
-release or
-stable, it depends upon your needs, skill set, hardware resources, & willingness to spend time maintaining your system(s). Obviously a patched installation is more secure/stable than an installation which is not. Whether you go with patching
-release or go with
-stable is a personal choice. Personally, if these were my two choices I would go with the latter because most of my systems can support compiling.
If your line of questioning is really asking whether there has ever been a patch which has in turn required another patch, search through what information can be found at the following:
http://openbsd.org/errata43.html
This page chronicles
all patches issued for
all versions.
There is a corollary to this topic which needs to be mentioned. If your data is vital to your business or valuable merely as a property, back it up, & back it up
often. Mistakes & disasters happen. The true measure of a sysadmin is not allowing the incident be catastrophic. Being prepared to deal with the situation is the best plan, & having up-to-date backups of important data is a necessary first step.