On 11/12/2011 Rob Weir wrote:
Tthe practice is to check in such fixes without making it evident to
the observer that it is security-related. So don't expect SVN
comments to give it away.
Like this?
http://cgit.freedesktop.org/libreoffice/core/commit/?id=cf5d0e20f2ba5a71f9ca2ed78a1b24841c97bb06
I know the example is from LibreOffice (even though the bug might be
shared with OpenOffice.org or Apache OpenOffice) but I just happened to
spot it and it doesn't seem particularly hidden... Such a policy would
have to apply to all related projects (again, I totally don't know if
this bug is related to Apache OpenOffice too, I'm just discussing the
issue in general).
Regards,
Andrea.
