Re: [blfs-dev] What's left for the 9.0 release?

Fri, 30 Aug 2019 09:28:43 -0700 

On 8/30/19 10:24 AM, Douglas R. Reno via blfs-dev wrote:

On 2019-08-30 10:22, Xi Ruoyao via blfs-dev wrote:

On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote:

All packages have now been tagged and all tickets closed for the 9.0
release.  What other things are remaining that we need to address before
the Sunday release?



It seems #12448 and #12459 contain various security fixes.  Should we 
backport them to 9.0?



#12456 (Ruby) has a fix for two vulnerabilities - one from 2012 and one 
from 2015. The problem with backporting updates is that I believe that 
everything that links to them has to be retested. That being said 
though, I'd give a +1 to backporting them.


Webkit has

gnome/applications/evolution.xml
gnome/platform/yelp.xml
gnome/platform/gnome-online-accounts.xml
gnome/platform/zenity.xml
xsoft/graphweb/epiphany.xml
xsoft/other/balsa.xml

Ruby has:

server/databases/mariadb.xml
x/lib/webkitgtk.xml
postlfs/editors/vim.xml
xincludes/texruntime.xml
general/graphlib/gegl.xml
general/prog/subversion.xml
general/genutils/graphviz.xml
pst/xml/docbook-xsl.xml

libgcrypt has:

networking/netprogs/samba.xml
networking/netutils/wireshark.xml
x/lib/gtk-vnc.xml
x/installing/mesa.xml
x/installing/xorg-server.xml
x/dm/lightdm.xml
postlfs/virtualization/qemu.xml
postlfs/security/cryptsetup.xml
postlfs/security/gnupg2.xml
multimedia/libdriv/gst10-plugins-bad.xml
multimedia/videoutils/vlc.xml
kde/kf5/kf5-frameworks.xml
gnome/applications/vino.xml
gnome/platform/gcr.xml
gnome/platform/totem-pl-parser.xml
gnome/platform/gvfs.xml
gnome/platform/libsecret.xml
general/sysutils/accountsservice.xml
general/sysutils/systemd.xml
general/sysutils/rasqal.xml
general/genlib/libxslt.xml
general/genlib/qca.xml
general/genlib/libssh2.xml
xsoft/office/abiword.xml
xsoft/other/tigervnc.xml
xsoft/other/pidgin.xml

Do we have any volunteers?


The alternative is to update after release and publish notification in 
the errata.  I'll note that we get these types of security updates 
continuously thoughout the year. webkit and firefox seem to get them 
quite often.


  -- Bruce

--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
























					Reply via email to