[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Updates being pushed?



nodata wrote:

Can I ask if there will be a plan for how to push a critical package
update out to users if this was to happen again?

By this I mean, package X has a critical security hole at the time of an
infrastructure problem.

We can have processes that make this faster but unfortunately if the infrastructure problem is bad enough, there's no way we can push package X out until the problem is at least partially resolved.

ie: We have to have a trusted machine to build packages on. We have to have a trusted machine to sign packages on. If we have to rebuild all of the boxes then all we can do is prioritise getting those back online and having a process for quickly getting the new key in use on those machines.

-Toshio

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]