Moving forward on two security bugs

Paul Aurich paul at
Tue Feb 9 18:29:12 EST 2010

And Mark Doliner spoke on 02/09/2010 11:34 AM, saying:
> On Mon, Feb 8, 2010 at 6:51 AM, John Bailey <rekkanoryo at> wrote:
>> On 02/08/2010 08:04 AM, Ethan Blanton wrote:
>>> I am in favor of freezing for 2.6.6 and releasing sooner rather than
>>> later, on this plan.  I think we should query the ocert/psi/etc.
>>> people about that to make sure they're OK with it, but I don't
>>> anticipate a problem.
>> I agree with freezing soon.  I'd like to hold off on the freeze just a couple
>> more days, though, as I have a couple yahoo-related patches I want to commit,
>> one of which I'm pretty sure introduces a new string.
> Cool.  Well let's string freeze and feature freeze as soon as your
> changes are in (the sooner we freeze the more time translators will
> have.  And release late next Wednesday night.
> --Mark

Warren has requested that we provide packagers@ with packages for 2.6.6 a
day or two prior to release (in addition to patches for each of the current
issues) so that their security people can QA them.

This does tighten the schedule for translators, and requires a dev to do
that section of the release-ey stuff on a tight schedule, but seems
reasonable on the face to me.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the security mailing list