On Wed, 2006-12-27 at 09:36 +0000, Marc 'HE' Brockschmidt wrote: > Thomas Bushnell BSG <tb@becket.net> writes: > > Why are new upstream releases being added to upstable of the glib2.0 > > package? We are in a freeze, I thought. > > Yes, but the new glib2.0 release is from upstream's stable series, where > only bugs are fixed. I reviewed all changes before Loic Minier uploaded > the new version and thought them to not a problem. > > > And one seems perhaps to be responsible for a regression in gnucash > > (see #404585). > > Yes, this is due to a stricter input validation in gkeyfile.c. The > validation is an ugly C replacement for this: > m!^[-_/+.[:alnum:]]+(\[[-_.@[:alnum:]]+\])?$! I'm uncertain how to interpret this message. You said that the new release only fixes bugs, and that you reviewed all the changes, and that the new release includes a change in implementation from a regexp to a C replacement, which more strictly validates input. The last of these three seems to be inconsistent with the first two, for the change does not give any appearance of being only a bug fix. Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part