With last month's release of FreeBSD 4.10 [story], it was announced that the -STABLE development of this tree would expand from being a "Security Branch" into an "Errata Branch". Ken Smith clarifies:

"Errata Branches will take the place of Security Branches. They will expand the scope of patches that will be applied to the Branch Tags to include things like strictly local Denial of Service bugs as well as major bugs that are likely to impact a significant number of users. Examples of what might now be included are bugs effecting kernel resource usage, major device driver bugs, etc. Before now users who wanted to pick up the latest set of bug fixes needed to update to the active development branch (RELENG_4). That may be acceptable to some users but with it being an active development branch that may not be the best choice for users interested in stability."

The first such errata fix for 4.10 has been posted, fixing a possible hang in the twe ATA RAID adapter driver on heavily loaded systems [story]. Ken notes, "The
easiest approach to applying the fixes will continue to be using cvs or cvsup to update your source tree."

From: Ken Smith [email blocked]
To:  freebsd-announce
Subject: [FreeBSD-Announce] Errata Branches
Date: Sun, 27 Jun 2004 11:24:35 -0400


The recent release of FreeBSD-4.10 mentioned that it will be the first
"Errata Branch".  This announcement is to clarify what the Errata
Branches will be.

For releases prior to FreeBSD-4.10 the "Release Branch" in the CVS
Repository was turned over to the Security Team shortly after the
release was made, at which point it was called a "Security Branch".
Users could use cvs(1) or cvsup(1) to update their source code using
the Security Branch Tag (e.g. RELENG_4_9 for FreeBSD-4.9) to have the
major security issues patched between releases.  The Security Branch
Tags would not include the normal development work done by the FreeBSD
Developers between releases so following the Security Branch Tags is
recommended for users interested in stability.  Updates to the
Security Branches were handled by the Security Team, and were
accompanied by a Security Advisory.

Errata Branches will take the place of Security Branches.  They will
expand the scope of patches that will be applied to the Branch Tags to
include things like strictly local Denial of Service bugs as well as
major bugs that are likely to impact a significant number of users.
Examples of what might now be included are bugs effecting kernel
resource usage, major device driver bugs, etc.  Before now users who
wanted to pick up the latest set of bug fixes needed to update to the
active development branch (RELENG_4).  That may be acceptable to some
users but with it being an active development branch that may not be
the best choice for users interested in stability.

Users should continue to use the same Branch Tag naming scheme as
before, so for example the Errata Branch for FreeBSD-4.10 will be
named RELENG_4_10.  As with the security patches the version number
for the system (available in the 'uname -a' output) will be updated as
part of the patch to provide users with an easy way to identify what
patch level a machine is at.  As far as the patching of the Errata
Branch is concerned there will be no distinction made between the
patches applied to handle security issues versus patches applied to
fix errata issues.  Patches will be considered to be cumulative.  The
easiest approach to applying the fixes will continue to be using
cvs(1) or cvsup(1) to update your source tree.

Announcements for Security Advisories will continue to be sent to a
wide variety of mailing lists, but the Errata Notices will only be
sent to the FreeBSD-announce mailing list and posted on the FreeBSD
Web site (http://www.FreeBSD.org).

-ken