Re: recommended D-Bus version for GNOME releases
- From: "Elijah Newren" <newren gmail com>
- To: "John (J5) Palmieri" <johnp redhat com>
- Cc: Gnome Release Team <release-team gnome org>
- Subject: Re: recommended D-Bus version for GNOME releases
- Date: Tue, 23 Jan 2007 10:16:32 -0700
On 1/22/07, John (J5) Palmieri <johnp redhat com> wrote:
Hi guys,
I was going over the GNOME release and noticed we are still using 0.93.
Not only is this a non supported version upstream it contains a denial
of service exploit CVE-2006-6107 - match rules can be removed by apps
that did not create them. I suggest we move recommendations to 1.0.2
which fixes that bug and a whole lot of other bugs. 1.0.x series is
API/ABI stable and supported by upstream.
We should probably add some time limit on the instructions somewhere.
Anyway, John, go ahead and update
http://live.gnome.org/TwoPointSeventeen/ExternalDependencies whenever
you feel there's been enough time for feedback. If anyone notices
other version update proposals that have had only positive feedback,
feel free to update the page for those too.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
