Re: kernel/d-i/security/release meeting at DebConf6
* Sven Luther (email@example.com) [060524 11:52]:
> On Wed, May 24, 2006 at 11:35:00AM +0200, Andreas Barth wrote:
> > * Sven Luther (firstname.lastname@example.org) [060524 11:23]:
> > > On Wed, May 24, 2006 at 10:31:08AM +0200, Andreas Barth wrote:
> > > > You are ignoring that we have scheduled a time to update the kernel
> > > > again before release of etch.
> > >
> > > Ah, nice. But would this include an abi-changing kernel upgrade ? I fear not,
> > > given the trouble of abi changes for security upgrades. In any case, it
> > > doesn't include an upstream kernel version bump in the planes i have read,
> > > right ?
> > It would even allow a newer minor kernel version, so an abi-change
> > should be possible as well.
> Nice then, the question remains of how often and in what timeframe we can do
> such. Imagine there is a security issue shortly before the release, will we
> say like last time, let's ship with it, because we have not put into place the
> procedure to handle it in a timely fashion ?
There will definitly be a time when it is too late to replace the kernel
without delaying the release (just consider that we e.g. notice after
starting the CD build that there is some issue). Also, we need a minimum
testing periode for the final kernel and the final installer. If we set
that minimum testing periode to something like 6 weeks (which seems sane
to me), we cannot update the installer later than mid of October, and
the kernel needs to be a little bit earlier, which is like the beginning