Re: [VOTE] Security fixes and releases
Posted by
jonwimp on
Nov 27, 2007; 6:17am
URL: http://ofbiz.116.s1.nabble.com/VOTE-Security-fixes-and-releases-tp185956p185960.html
+1
-1
For the 2nd point, note how I am always always lambasted for fixing a bug I haven't reproduced,
and often for good reason (I deal with many stable production forks). Sometimes I catch bugs just
by looking at source codes.
Be careful when applying patches to stable releases. Always be sure it won't destabilize the release.
This holds true for any non-bug fixes, not just for security-related non-bug fixes.
Jonathon
Jacques Le Roux wrote:
> Hi,
>
> This is the official vote thread about security issues and fixes in releases
>
> My proposition is to make a vote on 2 points
>
> Please vote for each points
> [+1] Yes
> [+0] I'm fine either way
> [-1] No
>
> 1. Do you vote for commiting the patch input-with-password.patch from Jira issue
https://issues.apache.org/jira/browse/OFBIZ-1106 in
> release4.0 (please see thread <<release4.0: OFBIZ-1106 (in or out?)>> in dev ML for history) ?
>
> 2. Do you vote for, in general, commiting security fixes in releases ?
>
> Other examples of other security issues may be found from here :
>
https://issues.apache.org/jira/browse/OFBIZ-178>
> Thanks
>
> Jacques
>
>