Ubuntu Wiki

This is a proposed change, and must be ratified by the Tech Board first.

SRU micro version update exception

• Allow for an exception in SRUs to the "patch must be as small and unintrusive as possible" requirement for specific packages that meet the criteria:
  • upstream supports micro-version updates to stable releases
  • upstream has a sufficiently high level of regression testing for their stable releases
  • regression tests are enabled in the package's build
• On a case-by-case basis, if the security team rates the chance of vulnerability exploitation greater than the chance of regression for a given update, it can skip SRU and go directly through the security queue.
  • The security team will have the responsibility to maintain and review the list of packages that are exceptions to the SRU rule, as well as approve package additions.
  • Existing de facto exceptions are:
    • firefox
    • mozilla-thunderbird, thunderbird
    • postgresql-8.1, postgresql-8.2