From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 5/5] package/glibc: bump to 2.27
Date: Tue, 06 Feb 2018 14:44:36 +0100 [thread overview]
Message-ID: <87d11itepn.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <20180206105019.tqnsw3i5l44mt5vs@tarshish> (Baruch Siach's message of "Tue, 6 Feb 2018 12:50:19 +0200")
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:
> Hi Arnout,
> On Tue, Feb 06, 2018 at 09:18:38AM +0100, Arnout Vandecappelle wrote:
>> On 05-02-18 22:01, Baruch Siach wrote:
>> > On Mon, Feb 05, 2018 at 09:57:16PM +0100, Romain Naour wrote:
>> >> See: https://sourceware.org/ml/libc-announce/2018/msg00000.html
>> >> https://sourceware.org/glibc/wiki/Release/2.27
>> > Note that this is a security bump fixing CVE-2017-1000408, CVE-2017-1000409,
>> > CVE-2017-16997, CVE-2018-1000001, and CVE-2018-6485.
>>
>> Even though this release fixes a number of CVEs, I wouldn't call it a security
>> bump. Indeed, it also makes a number of potentially breaking feature updates,
>> cfr. the memfd_create() change.
>>
>> So, I would indeed mention the CVE numbers in the commit message, but not put
>> "security bump" in the title so that it doesn't mindlessly get applied to LTS
>> branches.
>>
>> Now, in this particular case we made enough noise about it that it really
>> doesn't matter what goes into the subject line :-) However I think it's good to
>> converge on some conventions on how to tag LTS things.
> I agree that this bump might not be suitable for the maintenance branches. But
> I think we should consider it for the master branch, especially since we are
> still early in the -rc cycle.
Possibly, yes. Lets see how much blows up on next. Do you know if (some
of) these issues are also fixed on the 2.26 branch?
--
Bye, Peter Korsgaard
next prev parent reply other threads:[~2018-02-06 13:44 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-05 20:57 [Buildroot] [PATCH 1/5] package/x11r7/xlib_libxshmfence: fix build with glibc 2.27 Romain Naour
2018-02-05 20:57 ` [Buildroot] [PATCH 2/5] package/pulseaudio: only define memfd_create() if not already defined Romain Naour
2018-02-05 20:57 ` [Buildroot] [PATCH 3/5] package/libraw: rename internal powf64 Romain Naour
2018-02-05 20:57 ` [Buildroot] [PATCH 4/5] package/glibc: remove GLIBC_SRC_SUBDIR Romain Naour
2018-02-05 21:27 ` Yann E. MORIN
2018-02-05 20:57 ` [Buildroot] [PATCH 5/5] package/glibc: bump to 2.27 Romain Naour
2018-02-05 21:01 ` Baruch Siach
2018-02-05 21:16 ` Romain Naour
2018-02-05 21:41 ` Yann E. MORIN
2018-02-05 23:32 ` Peter Korsgaard
2018-02-06 4:15 ` Baruch Siach
2018-02-06 8:18 ` Arnout Vandecappelle
2018-02-06 10:50 ` Baruch Siach
2018-02-06 12:38 ` Arnout Vandecappelle
2018-02-06 13:44 ` Peter Korsgaard [this message]
2018-02-06 13:46 ` Baruch Siach
2018-02-06 14:41 ` Peter Korsgaard
2018-02-06 16:40 ` Baruch Siach
2018-02-05 21:08 ` [Buildroot] [PATCH 1/5] package/x11r7/xlib_libxshmfence: fix build with glibc 2.27 Yann E. MORIN
2018-02-06 12:43 ` Thomas Petazzoni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87d11itepn.fsf@dell.be.48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox