Update policies for security bugs [Was, Re: Dreamhost dumps Debian]

To: Steve Langasek <vorlon@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Update policies for security bugs [Was, Re: Dreamhost dumps Debian]
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 29 Aug 2013 12:45:56 +0100
Message-id: <[🔎] 21023.13428.494725.549818@chiark.greenend.org.uk>
In-reply-to: <[🔎] 20130828162724.GE6969@virgil.dodds.net>
References: <[🔎] 21011.32310.864168.568030@chiark.greenend.org.uk> <[🔎] 20130820145339.GA2363@angband.pl> <[🔎] 21011.34255.48484.270530@chiark.greenend.org.uk> <[🔎] CAKcBoksQWK7a-vyeCBm+XE34=gh9nbUM0W2+S7zYzyw_n76xoQ@mail.gmail.com> <[🔎] 21011.39023.898706.120662@chiark.greenend.org.uk> <[🔎] CAKcBokvbuBQhfDhLbVF+zjBf_S6oa=FJROpZYT0149_F4YTpaQ@mail.gmail.com> <[🔎] 20130820174056.GB8223@virgil.dodds.net> <[🔎] slrnl1q7rc.596.jmm@inutil.org> <[🔎] 20130827232338.GA27931@virgil.dodds.net> <[🔎] 21021.54269.447114.427837@chiark.greenend.org.uk> <[🔎] 20130828162724.GE6969@virgil.dodds.net>

Steve Langasek writes ("Update policies for security bugs [Was, Re: Dreamhost dumps Debian]"):
> I don't think this is incompatible with my contention that updates for
> security bugs should be driven by the security team.  If we think a security
> fix should not be pushed *immediately* to users, then why should we postpone
> it until the next point release, instead of postponing it until they upgrade
> to the next stable release?  Either it's an important security fix and we
> should push it out with a high priority, or it's not important - in which
> case no one should expect me to spend my time on fixing it in a stable
> update.

Perhaps it has an intermediate level of importance.

Ian.

Reply to:

References:
- Re: Dreamhost dumps Debian
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Dreamhost dumps Debian
  - From: Adam Borowski <kilobyte@angband.pl>
- Re: Dreamhost dumps Debian
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Dreamhost dumps Debian
  - From: Pau Garcia i Quiles <pgquiles@elpauer.org>
- Re: Dreamhost dumps Debian
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Dreamhost dumps Debian
  - From: Pau Garcia i Quiles <pgquiles@elpauer.org>
- Re: Dreamhost dumps Debian
  - From: Steve Langasek <vorlon@debian.org>
- Re: Dreamhost dumps Debian
  - From: Moritz Mühlenhoff <jmm@inutil.org>
- Re: Dreamhost dumps Debian
  - From: Steve Langasek <vorlon@debian.org>
- Re: Dreamhost dumps Debian
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Update policies for security bugs [Was, Re: Dreamhost dumps Debian]
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: Less dinstall FTW?
Next by Date: Re: Less dinstall FTW?
Previous by thread: Update policies for security bugs [Was, Re: Dreamhost dumps Debian]
Next by thread: Re: Dreamhost dumps Debian
Index(es):
- Date
- Thread