Kernel vulnerability
Luke Macken
lmacken at redhat.com
Sat Jul 15 04:52:58 UTC 2006
On Fri, Jul 14, 2006 at 10:24:54PM -0400, Jesse Keating wrote:
> On Friday 14 July 2006 21:51, Matthew Miller wrote:
> > I dunno if I can just blame you. I mean, you're good and all, but it seems
> > like there should be someone else _at least_ catching this sort of thing
> > and poking you when necessary.
>
> Probably could fall under my responsibility to periodically look at
> the -testing updates that haven't yet been pushed to final. Maybe we could
> eve automate this step...
>
> /nudge Luke...
I'm not sure what went on between the embargo, July 6th, and when
kernel-2.6.17-1.2157_FC5 was submitted and pushed out to
updates-testing on July 12th. The package then sat in update-testing for 51
hours until it was pushed out as final on the 14th.
Currently the update system nags developers every week about packages
that are in testing and haven't been moved to final. I could shrink the
nagmail window for security updates in testing so devs would get mails
every couple of days or so? This might help mitigate future issues from
the update system side, but it looks like this issue lies in the time it
takes to actually get the errata -into- the update system.
luke
More information about the fedora-devel-list
mailing list