On 01/15/2014 01:43 PM, Eric Blake wrote:
> Is anyone still using v0.9.11-maint? The CVE extends back to 0.9.8, so
> we could argue that we should either fix the 0.9.11 branch, or add
> another commit to the branch that explicitly marks it as end-of-life
> because no one appears to be relying on it. Fedora 18 is now
> end-of-life, so from Fedora's perspective, I only care about 0.10.2
> (RHEL and CentOS 6), 1.0.5 (F19), 1.1.3 (F20) and soon 1.2.1 (rawhide),
> although I didn't mind touching all the intermediate branches on my way
> down to 0.10.2. RHEL 5 is also vulnerable to CVE-2013-6458, but as we
> don't have an upstream v0.8.2-maint branch (thank goodness!), that's
> something for Red Hat to worry about.

I've gone ahead and marked v0.8.3-maint and v0.9.11-maint as closed (I'm
not posting the actual patch here, but it was done by 'git rm -f \*'
followed by recreating .gitignore and a placeholder README that mentions
the death of the branch).
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org