Re: developing the "critical updates repo" plan

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Fri, May 23, 2014 at 10:16:41AM -0400, Matthew Miller wrote:
> On Fri, May 23, 2014 at 10:01:46AM -0400, Eric H. Christensen wrote:
> > I dislike the idea of a separate repo for ultra-critical updates.  Once a
> > fix is available for a vulnerability it should, IMO, be shipped as soon as
> > possible. I know this doesn't fit into the Microsoft model or our model of
> > community testing but really as soon as you go public with a fix you've
> > also just notified all the "bad guys" out there to the vulnerability and
> > exactly how to exploit it. It's a race condition at that point.
> 
> I'm not sure I follow here. What do you dislike? This isn't meant to be a
> hidden repo -- it's the "ship as soon as possible!" repo, so it sounds like
> you're agreeing.

I guess I don't understand the need for the extra repo.  Why not just push it to fedora-updates?

- -- 

- --------------------------------------------------
Eric "Sparks" Christensen
Fedora Project

sparks@xxxxxxxxxxxxxxxxx - sparks@xxxxxxxxxx
097C 82C3 52DF C64A 50C2  E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQGcBAEBCgAGBQJTf2V/AAoJEB/kgVGp2CYvEHoMAI2aV5YFzi29DxN0Hzsw8m/v
EBWmze1DDb6yvatSpuLxmhMbaGPXbvy3dtKSZOf7o7fcYBomEbAtymLlzYOEggH0
P2iccuKC5L41xCYlbTjDH9sAfP1/I5rH2fXnvRq6s/Pj5uygIUoWuEPRBxyvCkBt
HWBCS/BXQ6D3zaO3IEiATuyyfGSOfqED3whYS8ShJnQAPpcXIz5fEqv0m3EHa+s1
YS7SJtmMqrB4EjggS1MCOZaNOHxBBAP4ETHxCTopKx4qdDBIwv65BcL1OOeTi8I9
h+/5J6CJ0308HjQphm+LKfX09IN4UjeZmfNmYE1ZQPV24K4J4I8O/NaIhA8P9qvE
XBD8TWCNtjiSL/ra6UHYDUXg7vXNVFIYZS1NoC2MGkwb0cUISVjXfSQYbEOQE+yd
Z4SHzHLh7Opjw8eOL60Bw5SbdfG2zZJyJJXY74WNTf8Z3LmCVa6inpNdQtdcfNcY
d+r5AwPnFZQT9Unq3/6eHbHQiEA8a/ulB3N8Ouzb8w==
=4zpT
-----END PGP SIGNATURE-----
--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux