Re: join us!
Kurt Seifried said:
> Debian ProFTPD 1.2.0pre10 revision 3 has the root hack mentioned above
> however fixed in 1.2.0pre10revision 4, revision 5 also fixes some of the
> problems that were possible in rc1
Personally, when I see "1.2.0pre10-4", I think, "This is not the same as the
original/base 1.2.0pre10." Depending on how the numbering is implemented, it
has been updated 3 or 4 times since the original 1.2.0pre10. So I would not
expect it to have the same bugs.
> As for the "code freeze", well the code is NOT frozen if Debian is
> backporting changes into it, Apache 1.3.9 as shipped by Debian for example
> is more like a 1.3.9 sortof 10/11/12 but not really. While the argument "we
> are not adding new features" can be used, the fact of the matter is that
> Debian is making (in some cases significant) changes to code that changes
> behaviour (like fixing root hacks, cross site scripting vulnerability,
> whatever).
Would you be more comfortable if it were called a "feature freeze"?
--
"Two words: Windows survives." - Craig Mundie, Microsoft senior strategist
"So does syphillis. Good thing we have penicillin." - Matthew Alton
Geek Code 3.1: GCS d- s+: a- C++ UL++$ P+>+++ L+++>++++ E- W--(++) N+ o+
!K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r++ y+
Reply to:
- Follow-Ups:
- Re: join us!
- From: "Kurt Seifried" <seifried@securityportal.com>
- References:
- Re: join us!
- From: "Kurt Seifried" <seifried@securityportal.com>