[Buildroot] [PATCH] irssi: security bump to version 1.0.2
Peter Korsgaard
peter at korsgaard.com
Wed Mar 15 10:52:02 UTC 2017
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni at free-electrons.com> writes:
> Hello,
> On Tue, 14 Mar 2017 22:21:56 +0100, Peter Korsgaard wrote:
>> Well, it is both. 1.0.2 is a security fix for 1.0.1, but as we hadn't
>> moved to the 1.0.x series yet it isn't a pure security bump.
> It isn't at all :)
>> I saw the alert so I started working on the update, and only at the end
>> noticed that the issue didn't actually affect the 0.8.x series. I could
>> have structured it as 2 separate patches, a bump from 0.8.21 -> 1.0.1 +
>> a security bump to 1.0.2, but that seemed a bit silly to me.
> Agreed, 2 patches seem silly.
>> I can reword the commit text if you have a good idea about how to
>> explain it?
> I would simply not indicate in the title that it is a security bump. If
> it were a security bump, we would have to apply it to the LTS branch,
> while considering what you explained, we do not need to apply this
> patch to the LTS branch, because the old 0.8.21 is unaffected. Unless
> of course, 0.8.21 is affected by other security issues.
Ok, thanks. Committed after rewording the commit description.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list