reviving Fedora Legacy
Ralf Corsepius
rc040203 at freenet.de
Wed Oct 15 02:09:31 UTC 2008
On Tue, 2008-10-14 at 14:31 -0600, Kevin Fenzi wrote:
> On Tue, 14 Oct 2008 05:43:05 +0200
> rc040203 at freenet.de (Ralf Corsepius) wrote:
>
> > On Mon, 2008-10-13 at 10:16 -0500, Jeffrey Ollie wrote:
> ...snip...
> > >
> > > Unfortunately, upstream developers don't always release bugfix-only
> > > releases. Many times they introduce new features or change the
> > > behavior of old features.
> > Right, and how do you expect EPEL to handle this issue?
> >
> > I would expect EPEL to starve out contributors during RHEL's long time
> > time and those who will try to continue supporting it, will be facing
> > the problems you described.
> >
> > May-be I missed it, but I would like to hear about EPEL's visions on
> > this matter.
>
> Sorry for the late reply.
>
> In many ways EPEL has it easy. Since they don't maintain the kernel,
> glibc, and all the other packages that RHEL maintains.
>
> But you are right, for the packages they do maintain it will get harder
> over time to backport security fixes or avoid updating versions.
>
> I think the fact that EPEL doesn't have to handle those more
> vulnerable core packages, and only has to worry about the leaf node
> packages is one thing that makes it more viable.
OK.
> Also, note that since many of the packages in EPEL are leaf nodes /
> add on packages they don't tend to have deep dependencies that more
> central packages have.
OK, so you're basically ignoring this issue and hope for the best?
Certainly, the likelihood of such an incident to happen in "non-core
packages" is less than in "core packages" and the severity of such
incidents in "leaf-packages" is likely less than that in core packages,
nevertheless they are possible to happen over the long time span EPEL is
supposed to be around, nevertheless are non-core packages which can have
long and deep dependency chains.
I only need to have a look into the packages I maintain in fedora ;)
Ralf
More information about the fedora-devel-list
mailing list