Re: It's been six days since CVD-2021-33909 was patched in RHEL, what's the holdup for Stream 8?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Carl summarized really well how code moves through RHEL and CentOS
Stream, and we’re working on making sure we publish a build that has
made it through the usual set of RHEL tests. -326 is a possible
candidate here.
Think about CentOS Stream as the development location for the next-minor
release of RHEL.  I’d like to highlight some of the general points
related to this discussion:
- There are certain classes of CVE that we handle differently from
normal development work:
https://centos.org/distro-faq/#q4-how-will-cves-be-handled-in-centos-stream
<https://centos.org/distro-faq/#q4-how-will-cves-be-handled-in-centos-stream>
- Since these fixes need to go into RHEL first, getting them into the
development location (CentOS Stream) represents a separate set of work. 
- Our intent is to get CVE fixes like this into Stream as soon as
they’re available within the guidelines referenced in the FAQ
In the past updates have gone out quickly, we haven’t artificially held
up pushes and we will not do so going forward. We don’t, though, make
any forecasts or guarantees about turnaround time, this is to make sure
we deliver those fixes correctly. 
I hope that as we continue rolling out new workflows in CentOS Stream 9,
we will be able to provide more direct feedback on patch status at a
source code level. Just as a reminder you can view and participate in
development happening on Gitlab:
https://gitlab.com/redhat/centos-stream/
<https://gitlab.com/redhat/centos-stream/>
--Brian

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux