From: "Róbert Čerňanský" <openhs@tightmail.com>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change
Date: Tue, 16 Jan 2018 15:07:45 +0100 [thread overview]
Message-ID: <20180116150745.0000412a@tightmail.com> (raw)
In-Reply-To: <1515617164.20929.1.camel@gentoo.org>
On Wed, 10 Jan 2018 22:46:04 +0200
Mart Raudsepp <leio@gentoo.org> wrote:
> On Wed, 2018-01-10 at 22:38 +0300, Peter Volkov wrote:
> > On Wed, Jan 10, 2018 at 9:31 PM, Aaron W. Swenson
> > <titanofold@gentoo.
> > org> wrote:
> > > Title: GnuCash 2.7+ Breaking Change
> >
> > Aaron, but why do we need this news item? 2.7 version is a
> > development version that is not supposed to be used by end users. As
> > far as I understand this backup is a temporary measure until stable
> > release will be out. It's much better to have this version package
> > masked. Then in package mask comment we could note the need for
> > backup.
>
> 2.6 is insecure by 400+ ancient webkit-gtk security vulnerabilities,
> we can't responsibly wait anymore. 2.7.3 was tested by Aaron (who
> uses it daily) to work quite nicely.
> I want to last rite gnucash-2.6 used webkit-gtk before the month is
> over, as the maintainer of webkit-gtk, and if 2.7 isn't there, 2.6
> will simply be fully masked as well along it.
I assume that the motivation to get 2.7 stabilized early it to protect
users from potentional damages caused via webkit-gtk security
vulnerabilities. However, provided that I use GnuCash to display only
local web data (generated reports) I feel much more comfortable
to entrust my data to the stable 2.6 version rather than unstable 2.7
about which the upstream says:
"Unstable (development) releases are for testing purposes only. They
contain the newest features and improvements, but may also contain
serious bugs still. Don't install these releases for everyday use." [1]
"Due to the possibility of data corruption, unstable releases should
only be used on a copy of live GnuCash data." [2]
I think generated reports are typical use of webkit in GnuCash. Are
attack vectors so severe also in this case?
Thank you.
1. http://gnucash.org/download.phtml
2. https://wiki.gnucash.org/wiki/Development_Process
Robert
--
Róbert Čerňanský
E-mail: openhs@tightmail.com
Jabber: hs@jabber.sk
next prev parent reply other threads:[~2018-01-16 14:17 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-10 18:31 [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change Aaron W. Swenson
2018-01-10 18:33 ` Kristian Fiskerstrand
2018-01-10 22:45 ` Aaron W. Swenson
2018-01-10 18:35 ` Kristian Fiskerstrand
2018-01-10 19:07 ` Ciaran McCreesh
2018-01-10 21:39 ` Aaron W. Swenson
2018-01-10 19:38 ` Peter Volkov
2018-01-10 20:46 ` Mart Raudsepp
2018-01-16 14:07 ` Róbert Čerňanský [this message]
2018-01-16 14:24 ` Kristian Fiskerstrand
2018-01-16 14:45 ` Aaron W. Swenson
2018-01-16 14:58 ` Kristian Fiskerstrand
2018-01-16 20:15 ` [gentoo-dev] " Duncan
2018-01-16 21:56 ` [gentoo-dev] " Róbert Čerňanský
2018-01-16 22:19 ` M. J. Everitt
2018-01-17 7:49 ` Róbert Čerňanský
2018-01-10 21:36 ` Aaron W. Swenson
2018-01-10 22:48 ` Aaron W. Swenson
2018-01-10 22:53 ` Ciaran McCreesh
2018-01-11 1:00 ` Aaron W. Swenson
2018-01-11 9:40 ` Mart Raudsepp
2018-01-11 16:27 ` [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v3) Aaron W. Swenson
2018-01-11 18:02 ` Francesco Riosa
2018-01-11 21:18 ` Aaron W. Swenson
2018-01-11 22:09 ` [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v4) Aaron W. Swenson
2018-01-11 22:30 ` Ulrich Mueller
2018-01-12 10:40 ` Aaron W. Swenson
2018-01-15 3:06 ` [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change Aaron W. Swenson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180116150745.0000412a@tightmail.com \
--to=openhs@tightmail.com \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox