On 03/10/2010 01:12 AM, Michał Piotrowski wrote: > > Let's consider a case - there is a giant hole in kernel - and there is > a remote exploit somewhere in the wild. Do we want to wait a few days > or so when package will go through updates-testing? There should be an > exception to this rule for fixes for a _real_ security threads. > As opposed to fake security threats? In the case of the kernel, if the new kernel update we rush through without passing via updates-testing repo doesn't boot you can always boot back into an older kernel but other packages typically do not have this privelage and we need to be cautious about this and if there is a really need to expedite the update for whatever reasons, it is already covered by one point in my proposal and I repeat: * Exceptions or expedited update requests must go via release engineering Rahul -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
