Re: The new Update Acceptance Criteria are broken

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Nov 14, 2010 at 13:59:24 +0100,
  Till Maas <opensource@xxxxxxxxx> wrote:
> 
> If there are no security updates, people can not apply them. So what is
> worse? If people stop applying updates, then it is at least their
> decision. If there are no updates, people can only choose not to use

Many people are going to just pull updates. They aren't going to make a
decision on their own.

Security updates aren't all created equal. While the case that was
referenced in this was easily remotely exploitable, not all security
issues expose a system to that level of risk.
 
> The optimal case is to provide well tested security updates fast, but
> this is not what Fedora achieves. In my example there is no indication
> that the update was especially tested, because it did not get any karma.
> And it was not provided fast.

There is definitely a problem that needs fixing. But I don't think changing
the goal to untested security updates provided quickly is the preferred
solution.

Perhaps we should have a way to draw attention to high priority updates.
Generally we need more testers and need to make them more efficient.
(Test plans for packages can make testing more efficient and accurate.)
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux