Scott Kitterman:
> On Sunday, March 10, 2019 11:11:15 AM Wietse Venema wrote:
> > Scott Kitterman:
> > > I received the bug report/patch below from a Debian user. I'm somewhat
> > > busy this weekend/week, so I decided to forward it without evaluation
> > > rather than sit on it for a week until I could research it.
> > >
> > > I attempted to remove the distro specific noise from the report.
> >
> > Sorry for making you the guinea pig.
> >
> > I am considering to withdraw Postfix 3.4 and do a proper Postfix
> > 3.5 release as planned later this year. We can't afford having a
> > stable release with bug-of-the-week fixes like we have now.
>
> I knew I was taking a risk jumping to 3.4 late in our release cycle.
>
> A week from now when it hits Debian Testing, the user base will grow
> significantly and we'll get more feedback.
>
> I guess there weren't enough testers for 3.4 before release. I don't know
> that that situation will be better later in the year for 3.5. From my point
> of view (I don't know about other distros/OS), it would be somewhat painful to
> stay on 3.3 for the next release at this point, but it'll be a lot harder a
> week from now.
>
> My preference would be to press on with 3.4 (I don't mind packaging the bug
> fixes if you don't mind releasing them), but if you are going to withdraw 3.4
> please do it before next Sunday so I can keep it out of the next Debian
> release.
We know of multiple bugs that broke 'desirable functionality' after
an overhaul of the TLS stack, and that were kindly brought to the
developer's attention by folks like you.
I have to consider the possibility that the same overhaul introduced
an equal if not larger number of bugs with 'undesirable functionality',
and that these bugs will be found by not-so-kind folks, who will
report them only if it helps to promote themselves while at the
same time destroying Postfix's good reputation.
Wietse
