[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: 1.0.0, 1.0.x plan

From: <kfogel_at_collab.net>
Date: 2004-01-29 18:17:16 CET

Greg Hudson <ghudson@MIT.EDU> writes:
> On Tue, 2004-01-27 at 11:14, kfogel@collab.net wrote:
> > I think we should worry more about the real consequences of the bug,
> > and trust BugTraq's readership to do the same. [Also, we should mail
> > BugTraq ourselves with a description, and a prediction of a fix in
> > 1.0.1 or whenever we schedule it for. Better to be in control of your
> > own bad news than let someone drive it :-) ]
>
> I don't really agree; just because someone on bugtraq thinks a path leak
> is a real security hole doesn't make it true. (Not saying we shouldn't
> fix it, just that we shouldn't pollute bugtraq with unimportant
> revelations.)

If someone else does post this to BugTraq, is there a mechanism by
which we can follow up with an addendum?

What I want to avoid is someone making the bug sound more serious than
it is. As long as there's a way for us to correct any misimpressions,
then I'm happy with doing nothing until if/when we see a first post.

(Of course, agree we should fix it in trunk and 1.0.1.)

-Karl

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jan 29 19:15:28 2004

This is an archived mail posted to the Subversion Dev mailing list.