Stefan Hornburg (Racke) a écrit :
Thomas Viehmann wrote:
sympa has two RC bugs open for about one month, #496520 about insecure
usage of tmp (which looks at least partially fixed upstream, but has no
maintainer response) and #498144 about problems on upgrade (with an
initial maintainer response "will investigate, also happened to people
at the last security upgrades", but no visible activity since).
Applying the patch from
http://sourcesup.cru.fr/cgi/viewvc.cgi/branches/sympa-5.4-branch/src/tools.pl?r1=4943&r2=5124
should solve issue #496520, is that right?
It seems that the version of Sympa in lenny (testing) is 5.3.4.
Our process regarding maintenance of previous versions of Sympa is the
following :
* when releasing a new major release (x.y) we create a dedicated SVN
branch for the previous stable version and update this branch with
important bug fixes
* we only maintain two branches at a time : the trunk and the
previous stable branch
As a Sympa developer I'm worried because we don't maintain this Sympa
5.3.4 anymore.
The current version of Sympa is 5.4.3 ; any chance this version will be
distributed with Lenny instead of the old one?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
