[Pkg-blender-maintainers] skipping 2.40 and going directly to
2.41?
Wouter van Heyst
larstiq at larstiq.dyndns.org
Tue Jan 10 01:18:49 UTC 2006
On Tue, Jan 10, 2006 at 12:04:08AM +0100, Florian Ernst wrote:
> On Mon, Jan 09, 2006 at 10:39:23PM +0100, Wouter van Heyst wrote:
> > Supposedly 2.41 is out within a week, is it a good idea to wait for
> > that, or should we first get 2.40 in for the fixes that have
> > accumulated? Specifically thinking of overflows.
>
> In the light of the recent vulnerabilities we should now get out an
> update as soon as possible.
I agree to that, I'll postpone a move to python2.4 then.
>
> The current 2.40-1 upload is set to urgency "high", thus it will
> be elegible for migration to Testing two days after the upload. If
> there are no issues that render this release unfit for uploading I'd
> very much prefer to roll out right now, leaving plenty of time until
> next week. This way we could fix those security bugs that are also
> present in Stable as well.
Having said that, I don't have any changes that I think should go in
right now, so I think we should upload as soon as we think that
everything we have now is good, or if that takes too long, take some out
again. How about you?
> Do you know whether 2.41 will fix #332413: CAN-2005-3151:
> Bufferoverflow in blenderplayer arg parsing?
I haven't seen any mention of that, but will ask.
Wouter van Heyst
More information about the Pkg-blender-maintainers
mailing list