Security release for 2.4 series?
Tim Champ
champ at umbc.edu
Mon Dec 14 11:04:10 EST 2015
Hello all.
We're trying to sort through our path here with patching for the
CVE/commits that were released in 2.5.7, but also relevant to 2.4.18.
We're currently on 2.4 series, and I was wondering what the plans were for
a 2.4 release to address these security fixes. While moving to 2.5 is in
the plans, I always despise a quick upgrade of anything before major
holiday periods!
My other concern was that, honestly, I'm not all that sure what the true
risk and capability to exploit is for these bugs. I've read the CVE's, and
associated discussions on the a few lists - but it hasn't enlightened me as
much as I've hoped.
Any help, or answers, for either issue is appreciated. Thanks!
Tim
--
Tim Champ
Coordinator of Unix Infrastructure
UMBC - Division of Information Technology
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20151214/0d916337/attachment.html>
More information about the Info-cyrus
mailing list