Re: [Frugalware-devel] -stable uploading proposal

Tue, 11 Apr 2006 12:52:53 -0700

Yes, I agree start from 0.5, when the system would be a bit more mature. I would be quite willing to do the odd security fix in -stable. Also, the info about security vulnerabilites comes from http://secunia.com

On 11/04/06, VMiklos <[EMAIL PROTECTED]> wrote:
On Tue, Apr 11, 2006 at 07:33:15PM +0100, Alex Smith <[EMAIL PROTECTED]> wrote:
> Sounds OK to me. So this allows us to do {security,bug} fixes to -stable and
> do one of the mainly requested things from stable users and do security
> fixes there? :-)

i would say the infrastructure is mostly ready for testing. the security
support is a more complex question, but without a good infrastructure it
isn't possible at all. at the moment fdb2db, rf, syncd needs to be
improved for -stable, the new version of pacman and pacman-tools (the
later fixes only some warnings) is not yet released

so it allows us, but i would not say start heavily using it, first it
needs to be discussed. maybe start sec support from 0.5? the main
questions:
1) who? only one people is not enough for this imho, but only a few
  devels (2-3 or 3-4) should do it, else the development will not be
active enough
2) how? maybe voroskoi can tell us how he report those [SEC] bugs to the
bts
3) when? maybe if everything is discussed then we could start a "testing"
(to ensure that everything works well) support from pre2 or rc1
4) if we really start then more infrastructure: mailing lists, an common
form to post advistories, etc

to be clear, i help anybody with infrastructure development, but myself
i really hate reading such sec mailing lists, and probably i'm not
alone. that's why we would need a few people who can do this. if the
infrastructure is ok, then after creating a patch (you should decide to
do a version bump or extract the patch from the cvs, etc) it should not
take more time than a normal version bump (regarding that a secfix
provided by upstream needs less testing than a version bump imho)

udv / greetings,
VMiklos

--
Developer of Frugalware Linux, to make things frugal - http://frugalware.org
_______________________________________________
Frugalware-devel mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-devel

_______________________________________________
Frugalware-devel mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-devel

Reply via email to