Thanks for the MR Roland.
Best regards
Anders
Den fre 30 sep. 2022 16:41Jeff Morriss skrev:
>
> On Fri, Sep 30, 2022 at 5:50 AM Dario Lombardo wrote:
>
>> Hi Anders,
>> unfortunately this is a hairy issue. Redhat's policy about security is a
>> bit puzzling. They patch (as told before) old vers
On Fri, Sep 30, 2022 at 5:50 AM Dario Lombardo wrote:
> Hi Anders,
> unfortunately this is a hairy issue. Redhat's policy about security is a
> bit puzzling. They patch (as told before) old versions to make them not
> vulnerable, maintaining the same version number. This is weird since being
> vu
The c-ares library is not the reason for 3.6 being RHEL 8 last edition. The
reason is Qt6 which is still not officially supported and therefore, as we
recommend it at least for Windows and macOS makes an obvious difference. I
took a look at the version used for centOS https://pkgs.org/search/?q=c-a
I agree with bumping the version in general, and I can agree that there are
cases where increasing the minimum version saves a lot of headaches even if
we don't need a new API call.
However, minimum version increases can mean effectively dropping support
for a given Linux distribution (at least ou
Hi.
Ok, maybe I have to clarify my thought process here a little bit. The
original version we required as absolute minimum was released nearly 12
years (!!) ago. I needed a newer API call that would have been sufficiently
supported with 1.11 or 1.12. But there were two considerations: first, we
al
Hi,
I just have a problem with our policy here. If we require a certain minimum
version of a library to keep our code simple and keep up with depreciation
and API changes that is fine. But if we start to look at vulnerabilities
where do we draw the line then? Latest qt? Glib? Etc.
Why make it harde
Hi Anders,
unfortunately this is a hairy issue. Redhat's policy about security is a
bit puzzling. They patch (as told before) old versions to make them not
vulnerable, maintaining the same version number. This is weird since being
vulnerable or not is something everyone in the world points out by l