Jeff King <peff@xxxxxxxx> writes: > But it sounds like we're throwing away our usual release-engineering > practices (where the usual practice for a regression is "revert it, it > can happen in the next cycle") in favor of a security fix. Again, for a > vulnerability fix, that makes sense. But for layered defense, I find it > less compelling. I find it a lot less compelling, too. It unfortunately involves about the same amount of conflict management to do the (partial) revert for all these maintenance tracks as it would then later take a "fix in the next cycle" for all these tracks, which made me feel somewhat hesitant. But considering that we are not talking about lifting vulnerability fix, it may make sense to do the (partial) revert all the way down to 2.39 track but do the "fix in the next cycle" only for 2.45 and later (or even in 2.46 only, without even aiming to touch 2.45 track). Thanks for a dose of sanity.
