Hi Randy and Alex, I appreciate the feedback and your concern regarding upgrades in stable-branches.
> > This update make sense for the master brnanch but likely not for scarthgap > unless you can show that > this is a bug fix only release. > - This release for sure is not a bug fix only release. It does include support to new feature and can never classify as bug fix only release. > > you'll have to backport any CVE fixes that you're interested in unless > someone explains why this is a sensible update for scarthgap. > > - I do the understand that upgrades are avoided in stable/LTS branches as it might break the compatibility and result in various compilation issues. - However, that would only take place if the backward compatibility of the new upgrade is questionable. - Generally every new releases will have API or ABI-symbols added but if API or ABI symbols are removed from shared libraries or binaries it a matter of concern as it would be the cause of breakdown. - For this release, there are no ABI-symbols or API removed from the binaries and shared libraries. you can cross-check it in different ways (there are open-source tools to check or can be checked by manually comparing the header files) - I have my own script to do so and i always check the backward compatibility before submitting any upgrades and since it was all clear for wpa-supplicant, i went ahead with the upgrade. However, if still the opinion is that upgrade should be avoided, let me know, i would submit the CVE-patch for the same. Regards, Siddharth
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#203703): https://lists.openembedded.org/g/openembedded-core/message/203703 Mute This Topic: https://lists.openembedded.org/mt/108040776/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
