On Tue, May 27, 2008 at 09:08:52PM +0300, Faidon Liambotis wrote:
> Florian Weimer wrote:
>> * Faidon Liambotis:
>>
>>> security team, what do you think?
>>> Should I prepare a new version with these changes and upload it to
>>> security-proposed-updates?
>>
>> Do you mean stable-proposed-updates? That's up to the stable release
>> managers.
>>
>> I don't like uploading such a change as a security update if we can
>> avoid it. If you can guarantee sufficient testing, we could release a
>> DSA errata, but this looks more like stuff for a point release.
> That's what I wrote initially, hence the typo :)
>
> I'm not so sure myself, we (upstream actually) broke an important
> functionally badly; 16 calls on a core2 duo 2.33GHz is a *very* *very*
> low number.
>
> It's a regression from a fix made in a security release, perhaps it
> should be fixed with a DSA?
>
> I'm not sure I could gurantee sufficient testing; I could test a channel
> or two, but not sure about running a high number of calls.
> Perhaps one of our reporters could do that?
>
> I don't know, I'll leave it up to you.
What's the status? Shall we push the fix in the upcoming r4 release?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
