MicroReleaseExceptions
Differences between revisions 1 and 2
|
⇤ ← Revision 1 as of 2007-07-17 00:11:11
Size: 1013
Comment: proposal from sprint
|
Size: 1008
Comment: fix indentation
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 10: | Line 10: |
| * The security team will have the responsibility to maintain and review the list of packages that are exceptions to the SRU rule, as well as approve package additions. * Existing de facto exceptions are: * firefox * mozilla-thunderbird, thunderbird * postgresql-8.1, postgresql-8.2 |
* The security team will have the responsibility to maintain and review the list of packages that are exceptions to the SRU rule, as well as approve package additions. * Existing de facto exceptions are: * firefox * mozilla-thunderbird, thunderbird * postgresql-8.1, postgresql-8.2 |
This is a proposed change, and must be ratified by the Tech Board first.
SRU micro version update exception
- Allow for an exception in SRUs to the "patch must be as small and unintrusive as possible" requirement for specific packages that meet the criteria:
- upstream supports micro-version updates to stable releases
- upstream has a sufficiently high level of regression testing for their stable releases
- regression tests are enabled in the package's build
- On a case-by-case basis, if the security team rates the chance of vulnerability exploitation greater than the chance of regression for a given update, it can skip SRU and go directly through the security queue.
- The security team will have the responsibility to maintain and review the list of packages that are exceptions to the SRU rule, as well as approve package additions.
- Existing de facto exceptions are:
- firefox
- mozilla-thunderbird, thunderbird
- postgresql-8.1, postgresql-8.2
StableReleaseUpdates/MicroReleaseExceptions (last edited 2015-09-29 16:25:28 by pitti)