httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <and...@aaaaaaaa.demon.co.uk>
Subject Re: binaries II
Date Wed, 10 Jul 1996 12:24:58 GMT
> > Ah, in the document <URL:http://hyperreal.com/httpd/binaries.html> I see
> > 
> > > Finally, binary releases are only necessary at each second-level-major
> > > release time. I.e., Apache 1.0 requires it, 1.0.1 does not, but 1.1
> > > does.
> > 
> > Hmm, let me be the first to say that this statement of mine might have
> > been a bad idea - if the second-level release fixes a security hole, for
> > example, then it definitely should be upgraded.  Anyone for changing the
> > policy expressed in that document?
> > 
> > 	Brian
> 
> I think your suggestion to rebuild binaries is a good one.
> 
> +1

+1

It would be inviting 'bad press' to leave unsafe binaries on
www.apache.org.  Since removing the bad binaries is the only real
option, they need to be replaced with something.

Ay.

Mime
View raw message