[Nix-dev] Holiday Security Patch Schedule, Embargoed Exim Patch on 2016-12-25
Graham Christensen
graham at grahamc.com
Thu Dec 22 01:55:49 CET 2016
zimbatm <zimbatm at zimbatm.com> writes:
> What is the URL to check for the security update? I assume it will be on
> the github issue?
The original posting was here:
http://www.openwall.com/lists/oss-security/2016/12/18/3 and here:
http://www.openwall.com/lists/oss-security/2016/12/21/1 they clarify it
will be released as follows:
> To be more precise: On Dec, 25th, at 10.00 UTC we'll push the changes
> to the public Git repository git://git.exim.org/exim.git and upload
> the tar balls into the FTP area ftp://ftp.exim.org/pub/exim/exim4
Here they get the necessary flak for releasing on Christmas:
http://www.openwall.com/lists/oss-security/2016/12/21/10
and here they defend their decision, and it makes a bit of sense:
http://www.openwall.com/lists/oss-security/2016/12/22/1 ;)
I'm think it is safe to assume that you're "it", Zimbatm! I appreciate
your taking this on.
Graham
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 800 bytes
Desc: not available
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20161221/39143738/attachment.sig>
More information about the nix-dev
mailing list