On February 16, 2016 4:26:42 PM CST, Bruce Dubbs <[email protected]> wrote: >Douglas R. Reno wrote: >> On Feb 16, 2016 2:59 PM, "Ken Moffat" <[email protected]> >wrote: >>> >>> On Tue, Feb 16, 2016 at 10:21:07AM -0600, Bruce Dubbs wrote: >>>> It looks like we need to change lfs-7.9-rc1 due to security issues: >>>> >>>> https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html >>>> >>>> This will result in a new patch for glibc. There are other >possible >>>> packages that will need patches. Please hold off any BLFS tagging >for >> now. > >>> I wonder if we should wait for 2.23 ? It looks as if backports will >>> have to wait, and might take some time (I only glanced at the inline >>> patch, but it looked "somewhat large" and the tests were in an >>> attachment to a followup mail. >>> >>> I did some tags recently, thought I would check my mail before doing >>> the next batch - wish I had checked earlier. Do you want me to >>> alter all the 7.9 tags back to 7.8 (seems easier than 'svn revert' >?) > >> February 18th (2 days) was the release date put out there last month. >I >> honestly am on the fence about this one, however I am leaning towards >> waiting for 2.23. > >Possibly, but history has shown that those dates slip -- sometimes by a >lot. >
My concerns about the new version have been stated previously. However, if the patch is really invasive, it earns the same reservations - while much closer, it's still not the same libc everybody has been using for the past couple of months. An extra day or two probably isn't going to hurt...but maybe I'm just paranoid. Isn't glibc always stable? :-) --DJ -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
