The new Update Acceptance Criteria are broken
tgl at redhat.com
Fri Nov 12 19:32:45 UTC 2010
Till Maas <opensource at till.name> writes:
> On Mon, Nov 01, 2010 at 10:09:17AM -0700, Adam Williamson wrote:
>> I disagree. The evidence you cite does not support this conclusion. We
>> implemented the policies for three releases. There are significant
>> problems with one release. This does not justify the conclusion that the
>> policies should be entirely repealed.
> It was brought to my attention that also current Fedora releases have
> problems with delaying important security updates.
Quite. In my little corner of the system, none of the last several
mysql and postgresql updates have gone out with less than a seven-day
delay, despite some of them being security updates (admittedly not
high-severity ones, but still). And the trend is downhill: out of the
last nine such updates, five shipped with zero karma because not even
one tester had got round to looking at them. How does it help anyone
to delay releases when no testing will happen?
It's absolutely crystal clear to me that we don't have enough tester
manpower to make the current policy workable; it's past time to stop
denying that. I'd suggest narrowing the policy to a small number of
critical packages, for which there might be some hope of it actually
working as designed.
regards, tom lane
More information about the devel