[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Possible one-more-absolutely-last-time FreeRADIUS upload?



On Thu, May 05, 2005 at 04:33:46PM +1000, Paul TBBle Hampson wrote:
> On Wed, May 04, 2005 at 02:00:57AM -0700, Steve Langasek wrote:

> > On Wed, May 04, 2005 at 04:22:10PM +1000, Paul TBBle Hampson wrote:

> > > Anyway, I was wondering if it would be OK if I uploaded a version with the
> > > patch... It should be fairly non-intrusive, since it only affects Makefiles
> > > that are not used during the Debian archive build (due to OpenSSL/GPL
> > > conflicts) but which people routinely build local versions to gain the
> > > functionality of.

> > Eh, I wouldn't allow a freeze exception solely for users of locally-built
> > packages, no.  If they're building locally, they can just as well get their
> > source package from elsewhere, since they're clearly not going to be running
> > official Debian packages when all is said and done anyway.

> Acknowledged. Although I'm hoping anyone who's not tracking Debian will be
> onto 1.1.0 soon after Sarge ships.

> Anyway, I've now got a security bug (#307720) for which I'll try and prepare an
> upload this weekend. If I'm allowed a freeze-exception for this, then I'll
> upload _just_ the fix for this bug, and continue awaiting release. If not, I'll
> upload a version with this fix, the building fix, and one or two other bits
> I've got pending, and anything that needs to go into Sarge will have to be a
> testing-pending-uploads upload after that.

If you determine that 307720 is truly a security bug, we probably want to
get it fixed for sarge.

And if you're re-uploading anyway, I don't object to including the minor
Makefile fix.

-- 
Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature


Reply to: