I don't think we should update a release last issued 5 years ago - so no 2.18.3.
It also seems that a security problem with no reported problems actually
happening in 5 years can be so serious to warrant rushing out a new release?
The problem is known, it is published how to exploit the problem, and it is
really easy to write an exploit.
I really think the problem is severe enough to justify a lilypond 2.18.3
release.
stable/2.18 does not build on my openSuSE Tumbleweed system without a few
patches, see issues #4814 and #4965.
Even with those patches make doc fails, but an easy fix is to default
gs_load_fonts to true:
diff --git a/scm/lily.scm b/scm/lily.scm
index 9b0a6d2aad..5f565d8c07 100644
--- a/scm/lily.scm
+++ b/scm/lily.scm
@@ -232,7 +232,7 @@ regression testing.")
"Pad left edge of the output EPS bounding box by
given amount (in mm).")
(gs-load-fonts
- #f
+ #t
"Load fonts via Ghostscript.")
(gs-load-lily-fonts
#f
Knut
_______________________________________________
lilypond-devel mailing list
lilypond-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/lilypond-devel
