> On Apr 4, 2018, at 4:32 AM, Richard Levitte <levi...@openssl.org> wrote: > > The fix itself is easy (just add a line saying 'CPP=$(CC) -E'), and > that's not what I'm here to talk about, but rather how we want to act > in cases like this. Do we make a new release? Do we create an > official patch? Do we make a link to the corrective github PR? > My own sense is that we should put up something, and it should be > visible on our download page and in our source archives. > > Whatever we decide should become policy.
I'd reissue an updated tarball as openssl-1.1.0h-u1.tar.gz, where "u1" is "update 1". This changes only a build bug, not the code, so I'm tempted to keep the release name still 1.1.0h and not bump to 1.1.0i.d -- Viktor. _______________________________________________ openssl-project mailing list email@example.com https://mta.openssl.org/mailman/listinfo/openssl-project