Plan for tomorrow's FESCo meeting (2010-11-17)

Kevin Kofler kevin.kofler at
Sun Nov 21 03:19:42 UTC 2010

Adam Williamson wrote:
> I don't disagree with anything you say, but the question of what's more
> important than testing an update is key. If an update's worth doing,
> it's worth testing. This is pretty simple, and amply demonstrated by
> Fedora history: if we allow people to push untested packages as official
> updates to stable releases, we will break those stable releases, and
> people who use them will be badly affected.

That claim keeps getting repeated, yet that big catastrophe has never 
happened. The worst was the D-Bus trouble, and even that didn't make the 
system completely unusable nor unrepairable. The second example that was 
often quoted was an issue in bind, a package which the vast majority of 
Fedora users don't even have INSTALLED. Compared to that, we have examples 
of fixes for REMOTELY-EXPLOITABLE SECURITY HOLES getting delayed due to the 
paranoid testing policies. One of the fixes getting delayed was a hole in 
the web browser (probably the most used application class) used by most 
Fedora users (because 1. it's the default on the default spin and 2. users 
of other spins often install it as well) which could be triggered by ANY WEB 
SITE the user happens to visit. Others affected servers which have at least 
as many users as bind, and made them remotely exploitable, which is MUCH 
WORSE than just not working.

In short, the cure is much worse than the disease. It's time to repeal this 
solution looking for a problem!

        Kevin Kofler

More information about the devel mailing list