How can we make security updates faster?
"Jóhann B. Guðmundsson"
johannbg at gmail.com
Mon May 28 22:13:06 UTC 2012
On 05/28/2012 08:35 PM, Paul Wouters wrote:
> The point of a seperate list would be that peopel interested in giving
> security updates some extra attention wouldn't be swamped with other
> emails, causing them just to filter and file those emails unseen.
> If the pidgin-otr and socat security update information ended up going
> to any QA related lists, it did not seem to help.
They do so via the update-testing report and even up on top to be the
first thing reporters read so getting the information to reporters is
not the problem but getting them to actually test components is and
there are several issues we need to solve in that regard.
I did an honest effort to improve that situation in the past ( the whole
scenario is bit more complicated ) when we had around 6000 components in
the distribution but members of FPC/FESCO choice to make something that
was necessary for us ( QA ) to be mandatory to solve that and other
problems, optimal. So instead of having the roughly 6000 components that
have been added since then plus what we could have caught up with of
those existing 6000 components with what is needed now, we still have
roughly the effort I did until I decided to drop it altogether since it
was quite foreseeable for people that have the ability to think further
then their nose that it would never work with it being optional.
Long story put short using "Karma" ain't working and wont work unless
some serious effort is done to get that concept in a workable shape to
at least give that concept an hope to ever potential to work in the
At this point in time we might just as well try some alternative
solution to the task at hand instead of trying to patch the broken
In any case that's something for us in QA to figure out and hopefully
FPC/FESCO willl work with us instead of against us this time but given
how some of them have acted and voted on various task they have been
given for the last release cycle I doubt that's the case but elections
are coming up so there might be hope there yet you know fresh
blood,fresh minds,fresh ideas, fresh approaches etc...
More information about the devel