On Thu, 2006-05-04 at 13:24 -0400, Jeremy Katz wrote: > On Thu, 2006-05-04 at 19:33 +0300, Gilboa Davara wrote: > > Argh. > > I meant, updates should be kept in updates-testing for a week or two > > before being pushed into -updates. > > This is kde-3.5/FC4 update disaster all over again :( > > The changes in 2.6.16.x are (supposed to be, and generally are) small, > obviously correct fixes for things that are generally security related. > So leaving them in -testing means time spent with vulnerable boxes. > > In this case, an update of the Xen patch crept in without Dave noticing > and that's where the root cause of this problem. Had that been > realized, the update would have been handled differently. > > Jeremy > Jeremy, I'm not trying to point fingers and/or throw mud. My question is, will it be possible to find a mid-route, which combines the shortest possible vulnerability period with a minimal risk of having DOA machines? You'd agree that having 1000s of DOA machines doesn't really sit well with Fedora's mission statement... (Though, in Dave's defense, a machine that doesn't boot is a machine which cannot be compromised ;)) Gilboa -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list