MSN SLP Security Vulnerability

Luke Schierer lschiere at
Wed Jun 18 06:20:47 EDT 2008

On Tue, Jun 17, 2008 at 09:39:21PM -0500, Richard Laager wrote:
> We received a report of a security vulnerability. I don't know how these
> things are typically handled, but we should cut a release soon. Ethan
> suggested a fix. I built a patch. How should we proceed?
> Richard

Commit it with something fairly inocous as the commit message, then move
directly into release without string freeze as soon as we are in a
stable enough position to do so.  

The patch also ought to be back ported to minor version branches, but
that can be done later.

after release, the security webpage should be updated.


More information about the Packagers mailing list