couchdb: security update to 2.2.0 #1314

l2dy · 2018-08-09T01:44:56Z

CVE-2018-11769

MingcongBai · 2018-08-17T02:59:34Z

Upgrading to 2.2.0 even if it's a patch release...

All users should upgrade to CouchDB 2.2.0.

Upgrades from previous 2.x versions in the same series should be seamless.

MingcongBai · 2018-08-17T03:08:52Z

This package, even able to be built with a patched rebar.config.script to "fix" Erlang version detection, will crash with Erlang 21 - which is the current version available from the stable repository.

Fixing this package will require introduction of a "compat" 20.x erlang package, making it only able to be fixed in the explosive branch. Or alternatively, we can wait for the next release, marking to-explosive and stalled.

l2dy · 2018-12-18T10:07:51Z

To be superseded.

l2dy added upgrade Topic/issue involves a package upgrade security Topic/issue involves a security issue/fixed labels Aug 9, 2018

MingcongBai added the to-stable label Aug 17, 2018

MingcongBai added stalled Topic/issue has stalled to-explosive and removed to-stable labels Aug 17, 2018

l2dy closed this as completed Dec 18, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

couchdb: security update to 2.2.0 #1314

couchdb: security update to 2.2.0 #1314

l2dy commented Aug 9, 2018

MingcongBai commented Aug 17, 2018

MingcongBai commented Aug 17, 2018

l2dy commented Dec 18, 2018

couchdb: security update to 2.2.0 #1314

couchdb: security update to 2.2.0 #1314

Comments

l2dy commented Aug 9, 2018

MingcongBai commented Aug 17, 2018

MingcongBai commented Aug 17, 2018

l2dy commented Dec 18, 2018