FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)
Adam Williamson
awilliam at redhat.com
Tue Mar 2 17:18:52 UTC 2010
On Tue, 2010-03-02 at 18:08 +0100, Thomas Moschny wrote:
> > you can try and cherry-pick security updates, but then you get the
> > problem where initial release has Foobar 1.0, then Foobar 3.5 gets
> > shipped in updates, then a security problem emerges and Foobar 3.5-2
> > with the security fix gets shipped in updates. You now have a choice of
> > unsecure Foobar 1.0, or completely new version Foobar 3.6.
>
> Yes, and that will always be the case unless you are hiring a lot of
> developers to backport security fixes. Oh wait ... isn't that what
> RHEL is about?
Other distributions manage this perfectly well without egregious version
bumps.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the devel
mailing list