On Sat, 2010-11-13 at 14:22 +0000, Matthew Garrett wrote: > On Sat, Nov 13, 2010 at 10:21:30AM +0100, Till Maas wrote: > > > The documented issues do not seem to be as bad as a system being > > exploited. It is only about dependency breakage or services not working > > anymore. There is no major data corruption requiring access to backups > > and restoring the whole system. But this is what people using Fedora > > with proftpd and being exploited have to do. > > If security updates break functionality then people will stop applying > security updates. That may be true in general, but I think Till has given a compelling example in which many (most?) users would prefer an update with some probability of being broken to no update. If necessary, we could have a separate repository of "urgent" updates that sysadmins could choose to enable or not based on their security and stability needs. -- Matt -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel