MSN SLP Security Vulnerability
lschiere at pidgin.im
Wed Jun 18 06:20:47 EDT 2008
On Tue, Jun 17, 2008 at 09:39:21PM -0500, Richard Laager wrote:
> We received a report of a security vulnerability. I don't know how these
> things are typically handled, but we should cut a release soon. Ethan
> suggested a fix. I built a patch. How should we proceed?
Commit it with something fairly inocous as the commit message, then move
directly into release without string freeze as soon as we are in a
stable enough position to do so.
The patch also ought to be back ported to minor version branches, but
that can be done later.
after release, the security webpage should be updated.
More information about the Packagers