Re: Security release procedures

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Thu, 29 Aug 2019 00:49:37 +0000

Daniel Shahaf wrote on Thu, 29 Aug 2019 00:44 +00:00:
> I do concede that if we had just a single release format, tarballs,
> that'd be easier on downstreams, but I do not accept that releasing
> patches would place an unreasonable burden on downstreams.

Forgot one thing: the releases have generated parts (configure and swig), so
vulnerabilities that affect these can't easily be released as patches. That's
another reason to continue to release tarballs — for which we should, as Julian
said, streamline the patch release process.
Received on 2019-08-29 02:50:02 CEST

This message: [ Message body ]
Next message: Daniel Shahaf: "Re: svn commit: r1865841 - in /subversion/trunk/subversion: libsvn_wc/diff_local.c tests/cmdline/changelist_tests.py"
Previous message: Daniel Shahaf: "Re: Security release procedures"
In reply to: Daniel Shahaf: "Re: Security release procedures"
Next in thread: Daniel Shahaf: "Re: Security release procedures"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]