Date: Wed, 12 Mar 2014 12:48:17 -0700 From: Xin Li <delphij@delphij.net> To: "Timur I. Bakeyev" <timur@FreeBSD.org>, Xin LI <delphij@freebsd.org> Cc: svn-ports-head <svn-ports-head@freebsd.org>, svn-ports-all <svn-ports-all@freebsd.org>, "ports-committers@freebsd.org" <ports-committers@freebsd.org> Subject: Re: svn commit: r347949 - in head/net: samba36 samba4 samba41 Message-ID: <5320BA01.1010304@delphij.net> In-Reply-To: <CALdFvJGqKbQcJB4axBBaGZE=WrnC%2BdA4dBq9oEE6S%2Bh_zVb7hw@mail.gmail.com> References: <201403120107.s2C17UgI088987@svn.freebsd.org> <CALdFvJGqKbQcJB4axBBaGZE=WrnC%2BdA4dBq9oEE6S%2Bh_zVb7hw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, Timur, On 03/11/14 23:19, Timur I. Bakeyev wrote: > The practice of certain commiters just randomly picking up ports > and making changes there without contacting maintainer beforehand > becomes more and more annoying and abusive recently. > > I've spent all night, trying to put all the stacked changes all > together and test Samba ports when at a commit attempt suddenly > learn, that someone felt the urge to interfere and bump port > versions just cause he was in a mood. Well, thanks a lot. > > And yes, I hate to change PORTREVISION. > > Have a nice day. My apologies if what I did have made you unhappy. I did the update mainly because samba is a popular port, and the advisory for SAMR service is both unenforced security policy and a denial of service (memory leak) from remote that affects all Samba versions. I should have sent an email beforehand but noticed Samba 4.x ports were not updated for a few recent releases that contained relatively important fixes, so I (erroneously) assumed that you may be busy and decided to make the change myself after some basic sanity tests and give you notification after that. Sorry about that. In the future, will the following procedure be an improvement to our existing practice, when a vendor have released a new (full) release to address a security issue, if it's not a vendor issued patch that can be done as a PORTREVISION bump plus adding vendor security patch? - We update vuxml first, and then mark port as FORBIDDEN with a reference to the entry; send maintainer a notification with a special timeout of 24 hours to response with objection; - An update to the port is only done if maintainer approved or did not respond within the deadline. Cheers, - -- Xin LI <delphij@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTILoBAAoJEJW2GBstM+nsL0gP/1Pxn6LJRanQuDAUQ1HoMkHs xktNIokrMjB9aYLoFahvZBbnKBJTVZk674yhFissOtHVHaxGAEnDmPqQXj9ue+Z3 EERg2xsmmg88Fw8b+VhgZ0SzkEt2kuDnnF/AY1AlPKJV8rx8vAT3LUEQi9rk2ruf 3aVpjfpVxqJn4qyUIHi77+zsVfkvnWmpjMGy5HNUOdql16J//rIdiV3ENA2m8woi PNKe3FTsfC326E3dCfRZhID/2JJRta/ogdhJJPRJ5Ntkjq8ha4pJhJ1h3hUgxgkz nhIOYvU5+IDt9Xlm2/Gbo1OcIsxgBqbDjawmzJ+UkxK4yHB7eTrGYnK5jqYyyExa RDdTyeSv+nBPJ+08JCnn2Fx5HAeVRmurwDo4bigrl5eE5noiTxwb/qH6Nh6iDRvu PMGXpRRxeU95u7r2S/Uax5ajRCPo2Ngz2UmAdpb5BOexBhn5VyXIXs1IqF0YOO6L ClMy8ive+1yFW8ZS42C/wXLcYlZkvLnw8BOvXf0s4eB0M7W9YES7GrLJCHVjqiIL thCj4TpR1OsHWLtjfzKvgwMZZWeUBQKR27bvmzjC7XOxoOky6HplSLd+9uXltYmE rpBrSrtkpzjxdrVS/6IA3EzgCMd/VC0joauhhiOV6NY+y1Xgw0vWmZq59dIeYgHO vNUgsgGMYElWCXQOMwIv =J8oX -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5320BA01.1010304>