[Mageia-dev] Finalizing update process

Wed Jun 8 23:53:51 CEST 2011

On 8 June 2011 23:40, Anssi Hannula <anssi.hannula at iki.fi> wrote:
+> On 08.06.2011 23:23, Ahmad Samir wrote:
+>> On 8 June 2011 21:45, Samuel Verschelde <stormi at laposte.net> wrote:
+>>> Le mercredi 8 juin 2011 19:39:55, Ahmad Samir a écrit :
+>>>
+>>>> IMHO, rejection reasons:
+>>>
+>>>> - The sec team doesn't think the update fixes a serious security
+>>>
+>>>> vulnerability; so it's not updates but backports
+>>>
+>>> What about bugfix updates ? I guess fixing a bug is a valid reason for an
+>>> update, like it was in Mandriva's updates.
+>>>
+>>> Regards
+>>>
+>>> Samuel
+>>
+>> Right, I probably phrased that one wrongly; I meant:
+>> fixes a serious bug, e.g. crashing, segfaulting
+>
+> I don't think we should exclude non-serious bugs :)
+>
+
+Depends, overworking the sec team doesn't look like a good aspect...
+(that's why I liked contrib in mdv, I could push an update any time,
+without having to go though the bug report -> QA -> Sec team loop).
+
+> (or version updates in some cases, like firefox/opera/flash or updating
+> an rc/beta version to a stable one, and maybe some online games that are
+> useless unless on latest version)
+>
+
+I agree, (except for the games part, nowadays if it's less than 4GB
+it's not really a "game").
+
+
+Maybe the sec team should only work on sec fixes, and there should be
+a sub-group of the sec team that handle the not
+CVE|crash|segfaulting|buffer-overflow updates.
+
+> --
+> Anssi Hannula
+>
+
+
+
+-- 
+Ahmad Samir
+