logo_kerberos.gif

Release Meeting Minutes/2013-04-23

From K5Wiki
< Release Meeting Minutes
Revision as of 14:00, 26 April 2013 by TomYu (talk | contribs) (New page: {{minutes|2013}} Will Fiveash, Thomas Hardjono, Greg Hudson, Ben Kaduk, Simo Sorce, Zhanna Tsitkov, Tom Yu ;Simo: Günther had a few new packages for pkgconfig ;Tom: Relatedly, what sub...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Will Fiveash, Thomas Hardjono, Greg Hudson, Ben Kaduk, Simo Sorce, Zhanna Tsitkov, Tom Yu

Simo
Günther had a few new packages for pkgconfig
Tom
Relatedly, what subpackages should we have for CPE purposes?
Greg
KDC (including kadmin), app server, client.
Tom
krb5-1.9.5 EOL release for krb5-1.9, unless strong objections.

Simo has concerns about backports of security patches. Tom clarifies that we'll patch master, and can backport patches if requested (where they don't apply cleanly to older releases). We'll still handle vulnerabilities specific to unsupported releases, but won't issue new patch releases. We would generally issue patches and check patches into the release branch without intending to make a formal patch release.

Zhanna
Clarify documentation about meaning of supported releases
Zhanna
Audit -- translate numbers to strings?
Greg
Dmitri suggested strings only.
Zhanna
Better type safety.

Some discussion. All strings means some plugin authors would have to do more work. Also complicates memory management in the audit code paths in the KDC.

Zhanna
TGS-REQ second ticket means another layer of messages.
Tom
Could split into multiple audit events, correlate by hash of request or something.