Release Meeting Minutes/2013-04-23

Will Fiveash, Thomas Hardjono, Greg Hudson, Ben Kaduk, Simo Sorce, Zhanna Tsitkov, Tom Yu

Simo

Günther had a few new packages for pkgconfig

Tom

Relatedly, what subpackages should we have for CPE purposes?

Greg

KDC (including kadmin), app server, client.

Tom

krb5-1.9.5 EOL release for krb5-1.9, unless strong objections.

Simo has concerns about backports of security patches. Tom clarifies that we'll patch master, and can backport patches if requested (where they don't apply cleanly to older releases). We'll still handle vulnerabilities specific to unsupported releases, but won't issue new patch releases. We would generally issue patches and check patches into the release branch without intending to make a formal patch release.

Zhanna

Clarify documentation about meaning of supported releases

Zhanna

Audit -- translate numbers to strings?

Greg

Dmitri suggested strings only.

Zhanna

Better type safety.

Some discussion. All strings means some plugin authors would have to do more work. Also complicates memory management in the audit code paths in the KDC.

Zhanna

TGS-REQ second ticket means another layer of messages.

Tom

Could split into multiple audit events, correlate by hash of request or something.