[Buildroot] [PATCH] irssi: security bump to version 1.0.2

Peter Korsgaard peter at korsgaard.com
Wed Mar 15 10:52:02 UTC 2017


>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni at free-electrons.com> writes:

 > Hello,
 > On Tue, 14 Mar 2017 22:21:56 +0100, Peter Korsgaard wrote:

 >> Well, it is both. 1.0.2 is a security fix for 1.0.1, but as we hadn't
 >> moved to the 1.0.x series yet it isn't a pure security bump.

 > It isn't at all :)

 >> I saw the alert so I started working on the update, and only at the end
 >> noticed that the issue didn't actually affect the 0.8.x series. I could
 >> have structured it as 2 separate patches, a bump from 0.8.21 -> 1.0.1 +
 >> a security bump to 1.0.2, but that seemed a bit silly to me.

 > Agreed, 2 patches seem silly.

 >> I can reword the commit text if you have a good idea about how to
 >> explain it?

 > I would simply not indicate in the title that it is a security bump. If
 > it were a security bump, we would have to apply it to the LTS branch,
 > while considering what you explained, we do not need to apply this
 > patch to the LTS branch, because the old 0.8.21 is unaffected. Unless
 > of course, 0.8.21 is affected by other security issues.

Ok, thanks. Committed after rewording the commit description.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list