thunderbird upgrade - wtf?
Rahul Sundaram
sundaram at fedoraproject.org
Wed Oct 14 08:12:21 UTC 2009
On 10/14/2009 01:13 PM, Kevin Kofler wrote:
> Rahul Sundaram wrote:
>> If maintainers choose to include a beta release, then it would have been
>> better to collect more feedback for a longer period of time for updates.
>
> I already answered this in more detail on your blog, but:
> 1. It's a security update, so a short testing period is normal.
That really depends on the severity of the update vs the potential to
cause problems. Remember the d-bus security update that caused so many
problems not so long ago? That one was a security update as well.
https://admin.fedoraproject.org/updates/F11/FEDORA-2009-9911?_csrf_token=b77b748e49c5311eb85031331cb2f6474028d615
The update neither details what the security issues or nor does it tell
what other changes have been made. Not even a link to the upstream
release notes. So let's look at that
http://www.mozillamessaging.com/en-US/thunderbird/3.0b4/releasenotes/
Hmmm. Not much details on what the security issue being fixed is. The
only mention of security is about some SSL change
http://www.rumblingedge.com/2009/09/23/thunderbird-3-beta-4-released/
So I have no idea how severe the security problem was
> 2. It reached +3 karma and got automatically queued for stable.
Are you claiming that there is no way for maintainers to determine how
long the update stays in updates-testing repository? If not, I don't see
this point as relevant.
>> My mails to this list is my "negative karma".
>
> But it's too late, the update already got pushed.
It isn't too late to push another update that fixes the problem.
Rahul
More information about the fedora-devel-list
mailing list