[Fedora-packaging] critical path security update policy
Jaroslav Reznik
jreznik at redhat.com
Mon Apr 20 09:01:22 UTC 2015
----- Original Message -----
> I'm concerned about how long it takes security updates to make it to users
> under Fedora's current policies (which generally allow such updates the
> possibility of sitting in testing for 14 days, or even longer).
It might be a problem sometimes and there's discussion ongoing how to push
urgent and severe updates to users faster.
https://lists.fedoraproject.org/pipermail/test/2015-April/125890.html
https://fedorahosted.org/rel-eng/ticket/5886
But as it was pointed out in this thread, it's not that easy task. Security
issues are hard to solve - on one hand, you want it as soon as possible, on
the other hand, it should not make the issue worst or break your system
completely. So requires a lot of attention, testing etc. and we're still a
small community (and you can see how even big vendors are struggling with
security updates).
Jaroslav
> --
> packaging mailing list
> packaging at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/packaging
More information about the security-team
mailing list