On Tue, 20 Oct 2015, Kurt Roeckx wrote: > So as already pointed out before, since the 1.0.0 release there is a > new release strategy that in the 1.0.x series, where x doesn't change, > no new features are added unless it's really needed for either > security reasons or compatibility reasons. As far as I know between > the version in oldstable (a patched 1.0.1e) and 1.0.1p only 1 feature > got added, and people really have been asking for that one. > > OpenSSL upstream also already has a policy that at least 2 people from > the team should review all the changes. Since there are so many > changes I don't think it's reasonable for the release team to review > all of them.
It certainly doesn't seem reasonable to expect the SRMs to review line by line, but maybe a summary of the changes would help them make a decision? > The alternative is that I go and cherry pick the important bug fixes. > By this time there are really a lot that I would like to have in the > stable releases and I think going that way actually has a higher > chance of breaking things. Right. SRMs: what would be the best way for Kurt to move forward? Would a list of the specific bug fixes and additional features be enough for an initial yes/no, given the review process upstream? -- Don Armstrong http://www.donarmstrong.com There is no more concentrated form of evil than apathy.
