[Mageia-dev] Finalizing update process

Wed Jun 15 13:55:24 CEST 2011

On 06/12/2011 08:25 AM, Angelo Naselli wrote:
+> In data mercoledì 8 giugno 2011 23:53:51, Ahmad Samir ha scritto:
+>>>> Right, I probably phrased that one wrongly; I meant:
+>>>> fixes a serious bug, e.g. crashing, segfaulting
+>>> I don't think we should exclude non-serious bugs :)
+>> Depends, overworking the sec team doesn't look like a good aspect...
+>> (that's why I liked contrib in mdv, I could push an update any time,
+>> without having to go though the bug report ->  QA ->  Sec team loop).
+> Well here we could stop at QA team step, or at least someone more that can
+> test  and say that the fixing is good...
+>
+So,
+
+We've had a lot of discussion, which is good, but imho we need to start 
+getting some updates out the door. Users are asking for them and the 
+CVEs just keep rolling in.
+
+As I understand it, the mechanics are in place to issue updates, and 
+I've put together a page as a first pass at a policy, based on my memory 
+of how things worked in the past and what I've picked up from the 
+discussion.
+
+http://mageia.org/wiki/doku.php?id=updates_policy
+
+Randomly, I'm targeting 2 bugs to push through, to test the process:
+
+https://bugs.mageia.org/show_bug.cgi?id=1084 (vde2, app crashes)
+https://bugs.mageia.org/show_bug.cgi?id=1521 (subversion, security issue)
+
+Now, first problem is we still don't have a maintainer database, so who 
+gets the assignment, the person that first imported the package?
+Perhaps this is the first change to the policy - maintainer or any 
+interested packager initiates the update
+
+-- 
+Stew Benedict
+
+
+