[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Kernel vulnerability



On Fri, Jul 14, 2006 at 10:24:54PM -0400, Jesse Keating wrote:
> On Friday 14 July 2006 21:51, Matthew Miller wrote:
> > I dunno if I can just blame you. I mean, you're good and all, but it seems
> > like there should be someone else _at least_ catching this sort of thing
> > and poking you when necessary.
> 
> Probably could fall under my responsibility to periodically look at 
> the -testing updates that haven't yet been pushed to final.  Maybe we could 
> eve automate this step...
> 
> /nudge Luke...

I'm not sure what went on between the embargo, July 6th, and when
kernel-2.6.17-1.2157_FC5 was submitted and pushed out to
updates-testing on July 12th. The package then sat in update-testing for 51 
hours until it was pushed out as final on the 14th.

Currently the update system nags developers every week about packages
that are in testing and haven't been moved to final.  I could shrink the
nagmail window for security updates in testing so devs would get mails
every couple of days or so?  This might help mitigate future issues from
the update system side, but it looks like this issue lies in the time it
takes to actually get the errata -into- the update system.

luke


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]