Security updates are too slow or none existant
Bart Martens
bart.martens at chello.be
Tue Feb 10 06:33:32 UTC 2004
On Tue, 2004-02-10 at 04:30, Colin Charles wrote:
> On Sun, 2004-02-08 at 09:52, Bart Martens wrote:
> > No, "testing" is not the place for security updates. When the security
> > updates are released for rh9, the security updates for fc1 should
> > already have gone through "testing", and be released to the public.
>
> What happens when updates-testing software breaks your production
> environment?
>
> Let fedora updates itself, be "stable", and well-tested. If you'd like
> to help QA updates-testing, I suggest upgrading to updates-testing, and
> filing bug reports if you find errors or nuances.
I fully agree with you that (security) updates must be thoroughly tested
before they are released in Fedora Updates. However, as already
explained in this thread by others, security updates must not be
publicly tested.
By suggesting to use Proposed Fedora Updates for security updating, you
suggest the average user to use all packages in Proposed Fedora Updates.
You said it, "what happens when updates-testing software breaks your
production environment". :-)
Let's not confuse/mix security updates with other updates. Fedora needs
people in the non-public groups addressing security issues, to get
security updates released in Fedora Updates simultaneously with other
Linux distro's, without public testing. I don't know how Red Hat wants
this handed over to community people.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040210/7808b327/attachment-0001.sig>
More information about the fedora-list
mailing list