Pushing updates for Fedora 7
Josh Boyer
jwboyer at jdub.homelinux.org
Sun Jun 3 19:55:09 UTC 2007
On Sun, 2007-06-03 at 15:49 -0400, Luke Macken wrote:
> On Sun, Jun 03, 2007 at 02:32:29PM -0500, Josh Boyer wrote:
> > On Sun, 2007-06-03 at 15:31 -0400, Luke Macken wrote:
> > > On Sun, Jun 03, 2007 at 06:10:40AM -0400, Luke Macken wrote:
> > > > On Sat, Jun 02, 2007 at 05:06:25PM -0400, Tom Lane wrote:
> > > > > Luke Macken <lmacken at redhat.com> writes:
> > > > > > Once we agree on a policy, I can implement it. I've heard some people
> > > > > > suggest letting updates sit in testing for 7 days, and if there are no
> > > > > > complaints, then they can be pushed to the stable repo. This sounds
> > > > > > fine to me, what does everyone else think?
> > > > >
> > > > > <cough>zero-day security patches</cough>
> > > >
> > > > Security updates go straight to Stable already.
> > >
> > > ... but will soon require an approval from a member of the security team
> > > before they hit any repo. Core security updates currently require
> > > approval from the Red Hat security response team. With F7, it will
> > > require approval from a member of the Fedora security response team.
> >
> > Erm... wait. Where (other than this email) was that discussed?
>
> It was discussed between some members of the Fedora Security
> Response Team, and was suggested by the Team Lead, Josh Bressers.
>
> This approval mechanism has yet to be implemented in bodhi, and I think
> should require an ACK from the board/FESCo before it does.
Agreed. Thanks for the clarification Luke.
Let's get this added to the FESCo schedule. Could Josh Bressers perhaps
attend when it gets discussed?
josh
More information about the Fedora-maintainers
mailing list