httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Bannert <aa...@clove.org>
Subject Re: 2.0.40 -- again
Date Thu, 01 Aug 2002 16:15:00 GMT
On Thu, Aug 01, 2002 at 04:36:59PM +0100, David Reid wrote:
> OK, so a couple of people have replied off list that it's due to a security
> exploit. If that's the case then why haven't we done a .40 release before
> now?

Because there always seems to be one more person saying "ooh ooh wait for
this one last thing" and the group is too afraid to do a dead-end branch.

> Either it's a security problem that warrants a release or it isn't.

+1

> If it warrants a release then we need to get one done ASAP. If that involves
> going back to a known poll implementation in APR then so be it, but please
> let's actually decide what we're trying to achieve here folks and have a go
> at achieving it.

I completely agree. Let's tag a candidate at the last known point before
the poll changes and test that. If there are showstopper problems in
that which have simple fixes, then we branch and patch with no intention
of using CVS to merge back to head (we can do it manually later). Once
it's good we tag for the final release and roll. Unfortunately I'm just
blowing hot air since I don't have time to volunteer to do this myself
(wish I did :).

-aaron

Mime
View raw message