On 2015-05-29 17:50:01 +0200 (+0200), Ihar Hrachyshka wrote: [...] > if we attempt to fix a security issue that has a backwards > incompatible fix, then we are forced in introducing a new > configuration option to opt-in the new secure world. [...]
To my knowledge that's how we've handled these in the past anyway, accompanied by publication of a security note (not advisory) suggesting the steps necessary to enable the breaking change when opting into the bug fix. -- Jeremy Stanley __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
