incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <>
Subject Re: Extraordinary OpenOffice security patch (Was: [Incubator Wiki] Update of "April2012" by robweir)
Date Thu, 12 Apr 2012 14:05:00 GMT
On Thu, Apr 12, 2012 at 9:07 AM, Jukka Zitting <> wrote:
> Hi,
> On Thu, Apr 12, 2012 at 7:43 AM, William A. Rowe Jr.
> <> wrote:
>> Short of people.a.o/~luser/my-patch.tgz, I'm fairly certain that
>> can't happen with an incubating podling.  Everything under the space
>> /dist/ must exist under a PMC.
> I totally agree for proper releases (with a source archive) blessed by
> the PMC (on private@ if needed). However, this was neither, so I find
> using the same location a bit troublesome.
> Anyway, it sounds like the case was handled reasonably well under some
> fairly challenging constraints, so I'm not too worried about  details
> like this as long as this remains a one-off special case. I only
> wanted to bring this up to make sure this doesn't become a standard
> procedure without a broader discussion of how cases like this should
> be handled.

If there is anything worth additional consideration, it would be how
to handle large incubation projects, where the time to initial Apache
release is long enough that there is a possibility or even likelihood
of needing to release a security patch for a legacy version of the
product.  In some cases the original sponsors of the project are still
around and can continue to do this kind of maintenance. In other
cases, as with OpenOffice, this is not true.

I'd recommend that future podlings, and the IPMC, consider this aspect
when reviewing new podling applications.  It should probably be
treated explicitly in the wiki proposal for podlings that expect to
take more than 3 or 4 months to get to their first release.



> BR,
> Jukka Zitting
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message