[oi-dev] samba security

Rich rercola at acm.jhu.edu
Sun Apr 15 18:18:01 UTC 2012


Testing a multi-version-upgrade like that on every running environment
is not trivial, whereas adding a single patch to an existing issue to
the known-working version is far less likely to have catastrophic
fallout.

"Stable" means "No, really, we don't think upgrading will
spontaneously break anything".

- Rich

On Sun, Apr 15, 2012 at 1:59 PM, Martin Walter <mawa at uni-freiburg.de> wrote:
> On Sun, Apr 15, 2012 at 06:05:33PM +0100, Alasdair Lumsden wrote:
>
> Hi Alasdair,
>
>> If you'd like things to proceed faster, I'd like to point out that the devs working on OI are contributing their free time to do this. If you value OI then you're welcome to assist us and help get things updated faster.
>
> I really appreciate the great work of all you devs, but I fear I am not able to help very much, because of lack of skill and time.
>
>> The stable release is about backporting critical security fixes, and this one sounds like the kind of thing we should look at backporting. So we will look into it and see what can be done. But it probably won't involve a version bump, more a patch to the older version.
>
> Would it be not easier and better to just make the newest version available?
> E.g. I would much more prefer just a samba-3.6.4 package than an updated samba-3.5.5.
>
> I already tried to generate samba-3.6.4, but failed wih ldap_initialize....
>
> Best regards,
> Martin
>
>
> _______________________________________________
> oi-dev mailing list
> oi-dev at openindiana.org
> http://openindiana.org/mailman/listinfo/oi-dev




More information about the oi-dev mailing list