tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "GOMEZ Henri" <hgo...@slib.fr>
Subject RE: [4.0.3] [VOTES] Upcoming release and security fix
Date Fri, 01 Mar 2002 11:02:02 GMT
>Since there are apparently diverging opinions on the subject 
>(and also since
>I didn't get any +1s for a possible 4.0.3 b1, or a 4.0.2a 
>release), here's a
>formal request for vote.
>
>On the security problem reported yesterday, affecting the 
>security manager
>sandboxing. We should:
><ballot>
>A [ ] Make a full 4.0.3 (or 4.0.2a) release which would only 
>include the
>security fix
>B [ ] Make the security fix available as a binary patch for 
>4.0.2 (it would
>take the form of an archive to extract in $CATALINA_HOME, and would be
>*small*)
>C [ ] Accelerate the release schedule of 4.0.3, which would include the
>security fix, as well as fixes for other issues with 4.0.2 
>(with Beta 1 on
>03/01 and Final on 03/08)
></ballot>

A or B for RPM people are the same works ;)

But to be coherent with what we do for 3.3, 4.0.2a seems better,
ie 4.0.2 + security fix => 4.0.2a (nothing more nothing less).

4.0.3b1 will be a different story since it involve new code, and
it should be also provided.

4.0.2a + 4.0.3b1 :)

>In parallel, I'd like to release a first beta of 4.0.3 on 
>03/01 (depending
>on the vote on item 'C' above, the release cycle may be 
>shorter or longer):
><ballot>

>+1 [X] I support the release, and I will help
>+0 [ ] I support the release
>-0 [ ] I don't support the release
>-1 [ ] I'm against the release because:

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message