Hi Dirk and Salvatore,
> From: Dirk Eddelbuettel <e...@debian.org>
> On 11 March 2017 at 17:56, Salvatore Bonaccorso wrote:
> |
> | The relevant changes seem to be the following, but I might be mistaken.
> (btw,
> | is there a VCS repository for r-base or does upstream not share development
> | VCS?)
>
> They do at svn.r-project.org -- but that isn't browsable -- and the
> community has a mirror here https://github.com/wch/r-source
Actually there is anonymous access:
$ svn log https://svn.r-project.org/R/trunk/ | head
------------------------------------------------------------------------
r72357 | luke | 2017-03-16 04:32:54 +0900 (jeu. 16 mars 2017) | 4 lignes
Use two uniforms in sample() for higher precision when the uniform
generator is one of the Knuth generators or a user-defined generator
and the population size is at least 2^25.
------------------------------------------------------------------------
r72356 | luke | 2017-03-16 03:58:45 +0900 (jeu. 16 mars 2017) | 2 lignes
But the GitHub mirror is likely to be more convenient
> | Can you as well please make sure with the release team that the fix might
> enter
> | for stretch?
>
> How would I do that? Suggest current upstream 3.3.3 to be passed down, or
> prepare a 'testing-security' upload?
Actually, I see 3.3.3 in testing already.
On my side, I plan to fix the security issue in jessie-backports by
updating it to 3.3.3 as well.
Have a nice day,
--
Charles
