Re: doubts about Lenny and available QA tools and security team

To: debian-publicity@lists.debian.org
Subject: Re: doubts about Lenny and available QA tools and security team
From: "Paul Wise" <pabs@debian.org>
Date: Mon, 20 Oct 2008 01:38:55 +0800
Message-id: <e13a36b30810191038n3bf4519m9825cdb9f28ac3ef@mail.gmail.com>
In-reply-to: <1224426602.14851.3.camel@localhost.localdomain>
References: <95a2e0ecb74337a9305a692f8a05ed47@localhost> <1224426602.14851.3.camel@localhost.localdomain>

On Sun, Oct 19, 2008 at 10:30 PM, Andre Felipe Machado
<andremachado@techforce.com.br> wrote:

>> - Expected release date for Lenny.

The release team estimated September 2008. Obviously we missed their
expected release date. Others have estimated June 2009 as the release
date:

http://blog.venthur.de/2008/10/07/lennys-release-date/

Hopefully, Debian developers and users care enough to make it happen
earlier than that.

>> - How test/guarantee today high end hardware (SAN, blades
>> , etc) work fully with Lenny? Are there regression tests?

As with everything, we rely on Debian maintainers, our users, upstream
developers and users testing the software that interfaces with this
hardware.

>> - How help Debian at this task of high end hw drivers?

Same as any feature in the distro; regularly perform tests of the
feature you are interested in, using the testing and unstable
distributions. In addition, for Linux kernel stuff, it is probably
advisable to be testing using the latest -rc kernel released by Linus.
Given enough enthusiasm you might want to run automated daily tests of
Linus' git master branch, git bisect to find problematic commits and
report the bugs/regressions to the appropriate places.

>> - How much time takes a security patch to be issued?

You might be able to get info about this by looking at the dates when
security bugs were reported, and when the resulting security updates
were issued:

http://www.debian.org/security/

A better way to find out would be to ask the security team though.

>> - Are there regression tests to allow distro consistency of a
>> security fix backport to a VERY old version of a sw,
>> already outside of security team action scope? (Lets say, a
>> Pg 6.x on Lenny, unmaintained even at upstream. Please, do
>> not discuss the merit of this approach, as it is _their_ IT mgmt
>> problem to solve.) How release team verify distro consistency?
>> Could it be reproduced in house? Is a repackaging enough?

Not sure I understand the question, but it sounds like something for
the security team to answer.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

Follow-Ups:
- Re: doubts about Lenny and available QA tools and security team
  - From: Andre Felipe Machado <andremachado@techforce.com.br>

References:
- Debian Partners in action in Brasil: progress at Serpro
  - From: AndreMachado <andremachado@techforce.com.br>
- doubts about Lenny and available QA tools and security team
  - From: Andre Felipe Machado <andremachado@techforce.com.br>

Prev by Date: Re: more content for times.d.n: developers interviews
Next by Date: Re: doubts about Lenny and available QA tools and security team
Previous by thread: doubts about Lenny and available QA tools and security team
Next by thread: Re: doubts about Lenny and available QA tools and security team
Index(es):
- Date
- Thread