[Mageia-dev] Backports Summary

Wed Jun 27 10:23:19 CEST 2012

Sander Lepik skrev 26.6.2012 23:15:
+> 26.06.2012 22:25, Thomas Backlund kirjutas:
+>> * backports is supported as long as the rest of the release
+>>
+>>
+>> Comments? Questions ?
+> I think we should change the wording from "supported" to "tested". Currently we can
+> "support" backport with a newer version of the backport. But i don't think it's a wise move
+> to mark backports repo as an updates repo. So i don't see how we can _support_ backports.
+> And QA has no time to deal with updates for backports (i mean to search for security holes
+> in backports). But this can be discussed tomorrow.
+
+Well,
+
+It's the backporters job to make sure its fixed for security issues as 
+stated by:
+
+* if you backport anything, (regardless if you are the real
+   maintainer or not) you accept the responsibility of
+   handling the bugreports against the backport and make sure
+   it gets patched (or upgraded) to get security fixes.
+
+
+It's not supposed to be flagged as an update repo as that would make it 
+upgrade all packages it find in the system with matching backports packages.
+
+So we need to either create a "backports update applet" or extend 
+current update applet.
+
+(or "worst case" until we get it automated tell the user of backported
+  packages to make sure they check if a new/fixed rpm is available in
+  backports)
+
+And there will still be some advisory notifying people of new backports,
+just like we do for security and bugfix updates now.
+
+--
+Thomas
+