I'm curious how everyone grabs security patches if JIRA returns PERMISSION VIOLATION messages for security tickets (which means the handy "version control" tab with links off to viewvc are not available).
For example, what CVS commands would I use to grab the three distinct patches for MSA-09-011?
Unfortunately, upgrading to the latest point release is not an option where I work.
Thanks,
Brian
Hello,
the version control tab is generated from the cvs commit messages, I guess the easies way is to search for MDL-xx numbers in moodle git repository somehow.
In most cases it is better to spend time on testing the latest release instead of trying to backport stuff into old releases. Blind applying of patches may not be good approach, because the fixes might depend on other changes that were done previously in the stable branch.
The main reason for keeping the issues closed is that there is very often detailed exploit information in the tracker.
Petr
the version control tab is generated from the cvs commit messages, I guess the easies way is to search for MDL-xx numbers in moodle git repository somehow.
In most cases it is better to spend time on testing the latest release instead of trying to backport stuff into old releases. Blind applying of patches may not be good approach, because the fixes might depend on other changes that were done previously in the stable branch.
The main reason for keeping the issues closed is that there is very often detailed exploit information in the tracker.
Petr