A proposal for Fedora updates
Alexander Bokovoy
abokovoy at redhat.com
Fri Mar 27 13:40:44 UTC 2015
On Fri, 27 Mar 2015, Kevin Fenzi wrote:
>On Fri, 27 Mar 2015 15:03:59 +0200
>Alexander Bokovoy <abokovoy at redhat.com> wrote:
>
>> My primary worry is CVE handling. These delays are not helping in
>> getting security fixes delivered. I'm not fighting for dropping
>> certain type of content but rather for prioritization.
>
>Right, as I noted at the end of that other long mail, there's
>discussion about a 'urgent updates' repo for security updates.
>
>The initial thought was that it would just contain 'urgent' level
>stuff, not high or moderate, but it's not set in stone yet.
>
>Also, do realize we have had cases where fixes to security issues were
>rushed out and ended up being broken/not really having been tested
>because everyone was rushing so much.
Is there a way to see if there are going to be huge updates?
Perhaps it would help to plan around pushing relatively more important
updates by seeing what is the load on the machinery. In this particular
case I'm after we have CVEs to publish co-related with RHEL advisory
which went out yesterday so Fedora updates just got into a wave of
texlive, but for future doing FreeIPA releases we may simply see if
moving release a day or two into future would allow us to escape the
wave.
--
/ Alexander Bokovoy
More information about the devel
mailing list