On Mon, 28 Aug 2023 at 11:05, Petr Pisar <ppi...@redhat.com> wrote: > V Fri, Aug 25, 2023 at 07:34:35PM +0100, Richard Hughes napsal(a): > > you need to reboot into the new firmware before the published firmware gets > > shared; > Won't this suppress an effeciency of the local sharing?
Yes -- but it's a compromise between efficiency and also broadcasting to the network that you've just downloaded a firmware with a security fix and the firmware you're running right now can be attacked. > If a typical period > between a download and the reboot is significantly longer than a period in > which machines check for and download the firmaware, it will happen that all > machines will sepearately download the firmware from a central server instead > of downloading it from local peers. Because all the machines will be waiting > on the reboot. Yes, that's certainly fair -- although I hope that at least one person would reboot straight away given it's a security update. > For how long is the firmware adveritised? As long as it is advertised, people > know what version you are currently running. This information becomes > interesting when a new firmware is released. Then you have exactly the same > problem you want to address. It's up to the thing publishing -- for the case of firmware payload (which is a default off option) it's 30 days for firmware and 24 hours for metadata (which would be default on). Richard _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
