I have finally decided to backport this (low) security issue.
It's easy to do so, better to be safe than sorry.
Jacques
Le 20/03/2020 à 10:51, jler...@apache.org a écrit :
This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository
Michael,
OK, I can wait 5 days more :) So it will be more for the next weekend
Jacques
Le 20/03/2020 à 09:44, Michael Brohl a écrit :
Jacques,
you announced a month, please stay with that or even think about expaning the test period. This is not a trivial case and with the current global
sit
Jacques,
you announced a month, please stay with that or even think about
expaning the test period. This is not a trivial case and with the
current global situation, a lot of people will have more urgent problems
to solve at the moment.
Thanks,
Michael
Am 20.03.20 um 08:44 schrieb Jacques
Hi,
I initially said I'd wait a month, it will be 24 days next Monday and I don't
expect much more activity now.
So, if nobody disagree, this weekend, I'll commit both the CSRF defense and another vulnerability fix pending. This will allow to release 17.12.02
with our 1+ years backlog of vulne