Re: recommended D-Bus version for GNOME releases

On 1/22/07, John (J5) Palmieri <johnp redhat com> wrote:
Hi guys,

I was going over the GNOME release and noticed we are still using 0.93.
Not only is this a non supported version upstream it contains a denial
of service exploit CVE-2006-6107 - match rules can be removed by apps
that did not create them.  I suggest we move recommendations to 1.0.2
which fixes that bug and a whole lot of other bugs.  1.0.x series is
API/ABI stable and supported by upstream.

We should probably add some time limit on the instructions somewhere.
Anyway, John, go ahead and update whenever
you feel there's been enough time for feedback.  If anyone notices
other version update proposals that have had only positive feedback,
feel free to update the page for those too.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]