
Re: Food for thought - SECURITY (design flaw?)



On Sun, Feb 11, 2001 at 03:03:42PM +1100, Brian May wrote:
> My guess from the above is that 0.4.6-3 was uploaded to unstable, but
> before it could get through to testing, 0.4.6-4 was
> uploaded (probably 2 days later).
> 
> I would assume that the priority of 0.4.6-4 would be used
> (urgency=low), not the priority of 0.4.6-3 (urgency=high). Am I right
> or wrong?
> 
> (I tend to think that the urgency field of all versions from the last
> version in testing should be used, eg. max(high,low)=high, assuming
> that the last version in testing was 0.4.6-2)

I've switched testing to do this now. (That is, if you make three uploads:
	1.0-1 unstable low
	1.0-2 unstable high
	1.0-3 unstable medium
and 1.0-3 is the latest version in unstable, then if the version in testing
is:
	<absent>     the urgency will be treated as high
	<< 1.0-1             ...                 high
	1.0-1                ...                 high
	1.0-2                ...                 medium
	1.0-3        it's already updated :)

This still doesn't get security updates into testing immediately if there's
any chance they'll break things, though. (If they're not built on all arches,
or if they have weird new dependencies, or if someone files RC bugs on them)

Cheers,
aj

-- 
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.

``_Any_ increase in interface difficulty, in exchange for a benefit you
  do not understand, cannot perceive, or don't care about, is too much.''
                      -- John S. Novak, III (The Humblest Man on the Net)
