[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: linux-2.6_2.6.15-6_i386.changes ACCEPTED

On Fri, Feb 10, 2006 at 08:59:49PM +0100, Frans Pop wrote:
> Allow me to wonder a bit about the way the last two kernel uploads were 
> handled.
> - 2.6.15-5 was pushed because it solved a remote security issue
>   (CVE-2006-0454), however it was uploaded with urgency LOW
> - next day, 2.6.15-6 that has a new upstream release is uploaded
> Wouldn't it have made more sense to upload 2.6.15-5 with urgency HIGH and 
> wait for that to reach testing before uploading a new upstream release?

Well, and let one vulnerable remote security update open for a day more, this
is not acceptable. Even if only one user gets compromised because of this,
then it is enough to warrant the upload.

And i mean, apart from d-i .udebs builds (but i was told not to rant about
this :), it really is not all that much of a bother to do even daily uploads
if they are needed.

Also, there will be a 2.6.15-7 soon :)


Sven Luther

Reply to: