All, I see only two choices good enough for considering:
a) Release 2.1.5.18497 and 2.5.2.26540 (suffixed with "Security Update 1"), don't mark it as a separate release but replace the binaries with the new version (like we did for the "bad" builds in the past). The question here is whether we need to publish the fixed v2.0.7 as well. It's discontinued but present on our website home page. b) Defer the security patch till 2.1.6 and 2.5.3 but try releasing them earlier than scheduled originally. IMO, this is easier to do with v2.5.3 which is currently scheduled for Q2 and already has enough bugfixes than for v2.1.6 that is expected to appear in late summer and still counts only 11 bugfixes. Dmitry ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel