On 07/21/2010 02:35 PM, Wesley Craig wrote:
On 21 Jul 2010, at 15:27, Patrick Goetz wrote:
Meanwhile, I'm going over the patches the redhat people added to
cyrus-imapd-2.3.16-5.src (actually, first comparing the differences
between this newer version and cyrus-imapd-2.3.16-3.fc13.src) to see
if there's anything there that needs to be migrated to the debian
package.
And pass along anything that hasn't been upstream!
What about stuff that's a bug but not really a bug? Recently I asked
about some custom memory mapping routines (~/lib/map_stupidshared.c)
designed to "work around DEC stupidity", incredulous that anyone was
still using DEC systems, and didn't get a response.
In the case of redhat (cyrus-imapd-2.3.16-5.src), one of the patches
"fixes" ~/imap/make_md5.c by replacing the md5 stuff with sha1.
Technically, this isn't a bug fix, but given that md5 is insecure, is it
really a good idea not to convert this to make_sha1.c?
