You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@apr.apache.org by Jeff Trawick <tr...@gmail.com> on 2010/03/22 15:17:41 UTC
Re: Nod to 2.0, one more time?
On Mon, Mar 22, 2010 at 9:52 AM, William A. Rowe Jr.
<wr...@rowe-clan.net> wrote:
> Wondering if we are comfortable tagging and releasing 2.0.64 in the
> coming days? These security issues aught to be addressed, and while
> we are at it, it just seems like a nice thing to do as we get closer
> to some 2.3 beta and further from any more improvements to 2.0.
>
> Opinions? Volunteers? If there are no objections and no volunteer,
> its something I'm happy to do later this week. I'll review the set
> of ssl patches tomorrow.
Does anyone feel a need to release APR and -Util first to resolve
CVE-2009-2412? I don't think it is so important personally, but it is
worth asking.
(I could RM those two soon-ish if generally considered the Right Thing to do.)
Re: Nod to 2.0, one more time?
Posted by Jeff Trawick <tr...@gmail.com>.
On Mon, Mar 22, 2010 at 10:17 AM, Jeff Trawick <tr...@gmail.com> wrote:
> On Mon, Mar 22, 2010 at 9:52 AM, William A. Rowe Jr.
> <wr...@rowe-clan.net> wrote:
>> Wondering if we are comfortable tagging and releasing 2.0.64 in the
>> coming days? These security issues aught to be addressed, and while
>> we are at it, it just seems like a nice thing to do as we get closer
>> to some 2.3 beta and further from any more improvements to 2.0.
>>
>> Opinions? Volunteers? If there are no objections and no volunteer,
>> its something I'm happy to do later this week. I'll review the set
>> of ssl patches tomorrow.
>
> Does anyone feel a need to release APR and -Util first to resolve
0.9.x, that is (context = httpd 2.0.x, which uses APR 0.9.x)
Re: Nod to 2.0, one more time?
Posted by Jeff Trawick <tr...@gmail.com>.
On Mon, Mar 22, 2010 at 10:17 AM, Jeff Trawick <tr...@gmail.com> wrote:
> On Mon, Mar 22, 2010 at 9:52 AM, William A. Rowe Jr.
> <wr...@rowe-clan.net> wrote:
>> Wondering if we are comfortable tagging and releasing 2.0.64 in the
>> coming days? These security issues aught to be addressed, and while
>> we are at it, it just seems like a nice thing to do as we get closer
>> to some 2.3 beta and further from any more improvements to 2.0.
>>
>> Opinions? Volunteers? If there are no objections and no volunteer,
>> its something I'm happy to do later this week. I'll review the set
>> of ssl patches tomorrow.
>
> Does anyone feel a need to release APR and -Util first to resolve
0.9.x, that is (context = httpd 2.0.x, which uses APR 0.9.x)
Re: Nod to 2.0, one more time?
Posted by Mads Toftum <ma...@toftum.dk>.
On Mon, Mar 22, 2010 at 10:17:41AM -0400, Jeff Trawick wrote:
> Does anyone feel a need to release APR and -Util first to resolve
> CVE-2009-2412? I don't think it is so important personally, but it is
> worth asking.
>
Would be nice to get both things done at once to avoid as much pressure for
another 2.0.x soon.
vh
Mads Toftum
--
http://soulfood.dk