Date: Thu, 11 Oct 2001 08:57:31 -0700 From: Max Khon <fjoe@freebsd.org> To: cvs-committers@freebsd.org Cc: cvs-all@freebsd.org Subject: [fjoe@freebsd.org: Re: cvs commit: src/lib/libc/gen fts.c] Message-ID: <20011011085731.A44164@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
hi, there! ugh, noticed that I hit 'reply' instead of 'group reply' ----- Forwarded message from Max Khon <fjoe@freebsd.org> ----- Date: Thu, 11 Oct 2001 04:23:35 -0700 From: Max Khon <fjoe@freebsd.org> To: Doug Barton <DougB@DougBarton.net> Subject: Re: cvs commit: src/lib/libc/gen fts.c hi, there! On Wed, Oct 10, 2001 at 11:47:39PM -0700, Doug Barton wrote: > > > The questions I'm interested in are: > > > > > > What was the overwhelming necessity of these two changes that required > > > them to be committed to the older branch? Have you tested the build with > > > a clean src and obj directory after your commit? And have you run a > > > system with these changes? > > > > A security fix is a necessary fix. > > Ok, that answers one out of three. There were only two commits to RELENG_3. The first fixed security hole in fts, the second added ability to syslogd to log 8-bit messages cleanly. I think it is syslogd patch we are talking about. Seems that I misinterpreted some facts: one man asked me to commit a few security patches to RELENG_3 (he is ISP and is running RELENG_3 on production servers). He sent me three patches (one for syslogd, one for fts and one for uucp). I decided to leave uucp patch alone (SA was issued not so long ago and I wanted to be sure that noone is going to commit them, ask security officer etc. etc.) He said that Warner Losh agreed to commit them a few months ago but haven't done this so far. He sent me those patches and I forwarded them (both patch for syslogd and fts) to imp and asked can I commit them or not. Right after I emailed imp about these patches I understood that patch for syslogd is not a security fix and asked originator about it and he said that this patch is very important for him too. After that Warner replied to me and said that they have upgraded all their RELENG_3 machines and he is no longer able to test fixes and said "go for it" and I committed both patches. (I haven't realized that Warner might miss second patch at that time) Anyway. Should I back out syslogd.c commit? And yes, I have tested both patches (make buildworld) on clean obj before and after commit and production servers are running with these patches since June. /fjoe ----- End forwarded message ----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011011085731.A44164>