On Fri, Oct 19, 2007 at 11:57:34PM -0400, Mike Frysinger wrote:
> On Friday 19 October 2007, Karel Zak wrote:
> > This is upstream, we are not doing support for end-users.
>
> i dont think that statement makes sense ... we support the util-linux package
> regardless of who is using it
It's more simple to (ASAP) provide patches for critical bugs than
complete tarballs (where tarball = previous release + critical
bugfix).
Every unplanned release requires a new branch in repository. For
example now we cannot use stable/v2.13 branch because it includes
more patches and it's not well tested (= no -rc release) yet. It also
requires generate ChangeLog, update NEWS, configure.am, send an
announce, ...
Hmm.. I'm lazy ;-) (because number of people who directly use
upstream tarballs are really small and downstream maintainers are
able to provide better support for end users.)
> > I don't see __real__ demand for release immediately after every
> > important bug. I prefer stable and well tested maintenance release
> > every 2-3 months (e.g. 2.13.1) and major release every 4-6 months
> > (e.g. 2.14).
>
> i think this makes sense except for serious security issues. if the issue is
> a real problem that is putting people's systems at risk, then a new point
> release should be put out asap ... whether that means making a new release
> from the current branch (2.13.1 -> 2.13.2) or simply taking the last release
> and adding the security fix (2.13.1 -> 2.13.1.1), either is ok by me.
<major>.<minor>.<maintenance>.<bugfix>
For example 2.13.0.1 for CVE-2007-5191 seems like the best way.
Well, I'll add .<bugfix> to our release policy. You win :-)
Karel
--
Karel Zak <kzak@xxxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
