On Thu, Dec 04, 2003, Ralf S. Engelschall wrote: >On Thu, Dec 04, 2003, Bill Campbell wrote: > >> [...] >> On a related note, is there any reason you didn't go to rsync-2.5.7 instead >> of updating rsync-2.5.6? When I saw the security advisory last night from >> Rsync, I got the tarball, changed the Version number in the rsync.spec >> file, and it rebuilt without problems. I've been running that on our >> servers here since then without noticeable ill effects. > >I'm not sure whether I understand your question. OpenPKG-CURRENT _is_ >at rsync-2.5.7-20031204. Only OpenPKG-1.2-SOLID and OpenPKG-1.3-SOLID >packages are at rsync-2.5.5-1.2.1 and rsync-2.5.6-1.3.1. But these are >old versions with the security bugfix backported. And that's the way we >do all security update packages: the vendor version is intentionally >kept (for full compatibility) and the security fix is included.
I wasn't aware of this policy as I think I've seen a reasonable number of version updates in the release tree Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``Guns are no more responsible for killing people than the spoon is responsible for making Rosie O'Donnell fat.'' ______________________________________________________________________ The OpenPKG Project www.openpkg.org User Communication List [EMAIL PROTECTED]
