Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 01 Jun 2001 16:44:06 +0300
From:      Maxim Sobolev <sobomax@FreeBSD.ORG>
To:        Kevin Lo <kevlo@FreeBSD.ORG>
Cc:        cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject:   Re: cvs commit: ports/java/linux-jdk13 Makefile distinfo   pkg-plistports/java/linux-jdk13/files patch-aa patch-ab  patch-ac
Message-ID:  <3B179C26.876CEF3D@FreeBSD.org>
References:  <Pine.LNX.4.21.0106012103420.29719-100000@colo.toptk.com> <3B1807DA.9A5553F1@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Kevin Lo wrote:

> Maxim Sobolev wrote:
>
> > Kevin Lo wrote:
> >
> > > Maxim Sobolev wrote:
> > >
> > > > sobomax     2001/06/01 01:18:53 PDT
> > > >
> > > >   Modified files:
> > > >     java/linux-jdk13     Makefile distinfo pkg-plist
> > > >     java/linux-jdk13/files patch-aa patch-ab patch-ac
> > > >   Log:
> > > >   Undo upgrade to 1.3.1. Unfortunately committer who committed change did not
> > > >   notice PR submitter's follow-up in which he asked not to do upgrade due to
> > > >   the bug discovered in this particular version of JDK.
> > >
> > > *sigh* Where the bugs are ? Are you the maintainer ?
> >
> > I only did what original author of the PR asked for.
>
> If the submitter is wrong, should I be wrong, too?
> If the submitter said that the foo port has bugs, you can fix them
> even though you're not the maintainer?
> Ok, let me ask you a simple question:
>
> HOW DO YOU KNOW THAT THE SUBMITTER IS RIGHT IN THIS CASE???
>
> Did you find any bug? Did you test it?
>
> Obviously, you didn't.
> As you said, you only did what original author of the PR asked for.
> Very good reason, isn't it?

I'm just trying to be at the safe side. I have no reasons to not trust him. If he is
wrong we could do upgrade later - not a big deal.

> > > As I told you via private email, please back it out and add the MESSAGE:
> > >
> > > This binary linux release of the Sun JDK may be
> > > subject to serveral security vulnerabilities that we cannot
> > > correct. More information on those as well as other known
> > > Java vulnerabilities can be found at:
> > > http://java.sun.com/sfaq/chronology.html
> >
> > I'm still not convinced that it is the Right Way [tm] to go. What makes this
> > upgrade so important that we need to tolerate known securities flaws in it?
>
> Did you go to that url and see what bugs for 1.3.1???
> AGAIN, you didn't!! Please back it out!!!!!
> Should I tell you one more time??

Please cool-off and let us back to this issue later.

-Maxim


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B179C26.876CEF3D>