From owner-cvs-all  Tue Sep  4 16:52:30 2001
Delivered-To: cvs-all@freebsd.org
Received: from obsecurity.dyndns.org (adsl-63-207-60-54.dsl.lsan03.pacbell.net [63.207.60.54])
	by hub.freebsd.org (Postfix) with ESMTP
	id 86C0437B40B; Tue,  4 Sep 2001 16:52:19 -0700 (PDT)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id CD35166D0A; Tue,  4 Sep 2001 16:52:18 -0700 (PDT)
Date: Tue, 4 Sep 2001 16:52:18 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Mikhail Teterin <mi@aldan.algebra.com>
Cc: obrien@FreeBSD.org, ache@nagual.pp.ru, ru@FreeBSD.org,
	cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/lib/libc/stdlib strtol.c strtoll.c strtoq.c strtoul.c strtoull.c strtouq.c
Message-ID: <20010904165218.A59467@xor.obsecurity.org>
References: <20010904140247.A75606@dragon.nuxi.com> <200109042329.f84NTCo57103@aldan.algebra.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="LQksG6bCIzRHxTLp"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200109042329.f84NTCo57103@aldan.algebra.com>; from mi@aldan.algebra.com on Tue, Sep 04, 2001 at 07:29:09PM -0400
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG


--LQksG6bCIzRHxTLp
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Sep 04, 2001 at 07:29:09PM -0400, Mikhail Teterin wrote:
> On  4 Sep, David O'Brien wrote:
> >> What do you mean exactly? Most of our libc files not have rcsids
> >=20
> > That does  not mean they  should not  have them. rcsid's  just haven't
> > been added yet. I explicited added  them to the files you removed them
> > from when I added *ll(). Please put them back just the way they were.
>=20
> BTW, most of the patches in the ports-tree don't have such IDs, but some
> do. Since those IDs are discarded as early as at the "make patch" stage,
> I think they  are pretty useless --  they don't make it  to the compiled
> binaries anyway. But what's the general opinion?

I'm not sure at what point we started talking about ports.
Vulnerabilities in ports are indexed by the port version: when we fix
a vulnerability, the version gets bumped, and it's trivial to check
whether the installed port is vulnerable.

Kris

--LQksG6bCIzRHxTLp
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7lWkyWry0BWjoQKURAnhwAJ9uGqi646uhEAjRiT2Omrlc/xam5gCffkYc
BgKdt0CAD1vuyoZvp6QQMmY=
=j0J2
-----END PGP SIGNATURE-----

--LQksG6bCIzRHxTLp--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message