Kurt Seifried said: > Debian ProFTPD 1.2.0pre10 revision 3 has the root hack mentioned above > however fixed in 1.2.0pre10revision 4, revision 5 also fixes some of the > problems that were possible in rc1
Personally, when I see "1.2.0pre10-4", I think, "This is not the same as the original/base 1.2.0pre10." Depending on how the numbering is implemented, it has been updated 3 or 4 times since the original 1.2.0pre10. So I would not expect it to have the same bugs. > As for the "code freeze", well the code is NOT frozen if Debian is > backporting changes into it, Apache 1.3.9 as shipped by Debian for example > is more like a 1.3.9 sortof 10/11/12 but not really. While the argument "we > are not adding new features" can be used, the fact of the matter is that > Debian is making (in some cases significant) changes to code that changes > behaviour (like fixing root hacks, cross site scripting vulnerability, > whatever). Would you be more comfortable if it were called a "feature freeze"? -- "Two words: Windows survives." - Craig Mundie, Microsoft senior strategist "So does syphillis. Good thing we have penicillin." - Matthew Alton Geek Code 3.1: GCS d- s+: a- C++ UL++$ P+>+++ L+++>++++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r++ y+
