Discussion was requested in bug to see if security issues should be
fixed before or after release. There are two low severity security
issues in OpenSSL-1.1.0h currently in rc1. My thoughts, there is a low
probability of breakage, and since we need to do kernel and headers
again (again, I assumed this was a necessity instead of discussion), I
figured OpenSSL would be a shoe-in as a result of that. I don't see a
problem with it, but understand that there is some risk of breakage. The
same is true of all the updates, but again, all minimal risk.
I figure at least a few of us haven't updated to the RC yet, so any
issues would be discovered on those rebuilds (these would only be
packages between end of LFS and Xorg in BLFS). If nobody else is
planning on full rebuild for RC, I can commit to rebuilding everything
that depends on them currently to validate after I complete the few
items I've assigned to myself.
I've updated all outstanding packages that I've slotted for 8.3,
including the obligatory glibc rebuild for new kernel headers, and am
proceeding with those changes in place. Unfortunately, the updates did
not come in until after I had completed Xorg (2nd milestone on my build
order). I intend to do a short overnight build of LFS in a different prefix.
Thoughts? I guess really, do any editors intend to start from scratch
for the RC period or is everyone up to date already?
--DJ
--
http://lists.linuxfromscratch.org/listinfo/lfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
