[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Security release procedures

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Thu, 29 Aug 2019 00:49:37 +0000

Daniel Shahaf wrote on Thu, 29 Aug 2019 00:44 +00:00:
> I do concede that if we had just a single release format, tarballs,
> that'd be easier on downstreams, but I do not accept that releasing
> patches would place an unreasonable burden on downstreams.

Forgot one thing: the releases have generated parts (configure and swig), so
vulnerabilities that affect these can't easily be released as patches. That's
another reason to continue to release tarballs — for which we should, as Julian
said, streamline the patch release process.
Received on 2019-08-29 02:50:02 CEST

This is an archived mail posted to the Subversion Dev mailing list.