Backporting

From Wikipedia, the free encyclopedia

Backporting is the action of taking a certain software modification (patch) and applying it to an older version of the software than it was initially created for. It is part of the maintenance step in a software development process.

The simplest and probably most common situation of backporting is a fixed security hole in a younger version of a software. Consider this simplified example:

  • Software v2.0 has a security vulnerability that is fixed by changing the text 'is_insecure' to 'is_secure'.
  • The same security hole exists in Software v1.0, off which the codebase for the newer version is derived, but there the text is called 'is_notsecure'.

By taking the modification that fixes Software v2.0 and changing it so that it applies to Software v1.0, one has effectively backported the fix.

In real life situations, the modifications that a single aspect of the software has undergone may be simple (only a few lines of code have changed) up to heavy and massive (many modifications spread across multiple files of the code). In the latter case, backporting is tedious and inefficient and should only be undergone if the older version of the software is really needed in favour of the younger (like, for example, the younger version still suffers stability problems that prevent it from being used in mission-critical situations).

The process of backporting can roughly be divided into these steps:

  • Identification of the problem in the older version of the software that needs to be fixed by a backport
  • Finding out which (usually recent) modification of the code fixed the problem
  • Adapting the modification to the old code situation (the proper backporting)

Usually, multiple such modifications are bundled in a patch set that undergoes one or several levels of quality control.

Backports can be provided by the core developer group of the software. Since backporting needs access to the source code of a software, this is the only situation backporting occurs for closed source software -- the backports will usually be incorporated in binary upgrades along the old version line of the software. With open-source software, backports are sometimes created by software distributors and later sent upstream (that is, submitted to the core developers of the inflicted software).

[edit] External links

In other languages