Rapid release for security updates
Stephen Gallagher
sgallagh at redhat.com
Tue May 26 16:22:58 UTC 2015
On Tue, 2015-05-26 at 15:33 +0200, Ralf Corsepius wrote:
> On 05/26/2015 12:10 PM, Andrew Haley wrote:
> > Something needs to be done, but I'm not sure
> > exactly what.
>
> IMO, all this should not be a problem, if collaborative maintenance
> works.
>
> What I mean, IMO, critical packages should have a sufficient number
> of
> co-maintainers, who should be presumed to be sufficiently familiar
> with
> a package to provide enough karma, which would allow such packages to
>
> pass quickly.
>
That might work for comparatively simple packages, but what about the
kernel? Kernel updates have the potential to completely break things
(particularly if the security patch comes along with a point release).
I'm not trying to disparage the kernel maintainers, but there's
absolutely no way they can test all possible hardware before releasing
an update.
There's still value to the updates-testing repo, even for security
updates.
I agree we need to figure out ways to "grease the wheels" so that
important updates get out faster, though.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150526/aad145b7/attachment.sig>
More information about the devel
mailing list