[openstack-dev] [all] [stable] No longer doing stable point releases

Ihar Hrachyshka ihrachys at redhat.com
Mon Jun 1 08:02:30 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 05/29/2015 06:24 PM, Jeremy Stanley wrote:
> On 2015-05-29 17:50:01 +0200 (+0200), Ihar Hrachyshka wrote: [...]
>> if we attempt to fix a security issue that has a backwards 
>> incompatible fix, then we are forced in introducing a new 
>> configuration option to opt-in the new secure world.
> [...]
> 
> To my knowledge that's how we've handled these in the past anyway, 
> accompanied by publication of a security note (not advisory) 
> suggesting the steps necessary to enable the breaking change when 
> opting into the bug fix.
> 

AFAIK at least for keep alive option for wsgi TCP connections we
haven't done it, at least specifically for stable branches (the fixes
were propagated into stable branches during several minor stable
releases).

Ihar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJVbBGWAAoJEC5aWaUY1u577wEH/iqzGLGlc+Rb9bYrWeGRcQxt
bHwbU6kIVPAiJkT9eJGzoRonte/2u/+a6xvIiCXF6kcxIzYF3H25htbDsLe+DWmL
A8jPiSUPYksA/R/9FBoRBZBGr3Qs11imJcQ4PuSMNkM9KiZmlr/yle4kYpAtX9bY
VSsSVasgfplXX+1yR2mm6e0cSQlYWy5y8P2eKRhwYLAzc9LYDOpS2wPnI3Pz+gOQ
Muf3ogYbcC5dlXjZ0skf1QiGdj0Tenm9oVrSot+XhvMqE/sym9SfaV6OvP3193kq
N1xryagRdtsX7DkUfDuolziPMC2x20Q0JZZAcL13hQEa2O8QAjdW747JCb5+lUg=
=YW79
-----END PGP SIGNATURE-----



More information about the OpenStack-dev mailing list