tcpdump mailing list archives
Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769?
From: Denis Ovsienko <denis () ovsienko info>
Date: Mon, 24 Nov 2014 23:24:55 +0200
I don't really want to put *all* my eggs on github.
I agree that GitHub is a business and businesses are not always in a good shape and are not forever in the best case. Specifically, many projects have had a lesson from SourceForge "developments" in the recent few years. Besides that, where a project is hosted does not matter as much as if it has working backups (in this scope git provides a very convenient means to backup its own repositories). Hosting hardware and software just fail from time to time, whether the infrastructure is your own or sponsored by somebody else. So the problem is to let GitHub do its good things to tcpdump yet to protect from the bad ones. To me it seems that for the next few years the best balance between survivability and convenience would be in continuing to use both GitHub and bpf.tcpdump.org, but with one important change. The changes should normally be committed to GitHub instance only, as that's currently the environment that is most convenient for contributors of varying levels of experience. Then bpf.tcpdump.org would not experience auto-merging difficulties any more and with the two repositories being 100% identical the read-only choice between the two will become again purely theoretical and a matter of taste. A weekly backup of bpf.tcpdump.org on top of that will bring a complete peace of mind. Does that sound reasonable? -- Denis Ovsienko _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769?, (continued)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Guy Harris (Nov 24)
- Message not available
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Romain Francoise (Nov 25)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Michal Sekletar (Nov 25)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Kishore Kumar (Nov 25)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Michal Sekletar (Nov 25)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Romain Francoise (Nov 27)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Michael Richardson (Nov 24)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Michal Sekletar (Nov 24)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Michael Richardson (Nov 24)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Guy Harris (Nov 24)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Denis Ovsienko (Nov 24)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Guy Harris (Nov 24)
- Message not available
- bpf.tcpdump.org vs github Michael Richardson (Nov 24)
- Re: bpf.tcpdump.org vs github Guy Harris (Nov 24)
- Re: bpf.tcpdump.org vs github Denis Ovsienko (Nov 25)
- Re: bpf.tcpdump.org vs github Michal Sekletar (Nov 25)
- Re: bpf.tcpdump.org vs github Michael Richardson (Nov 25)
- Re: bpf.tcpdump.org vs github Michal Sekletar (Nov 25)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Romain Francoise (Nov 24)
- Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? Guy Harris (Nov 23)