Re: Bits from the release team: Release goals, schedule, state of the union

To: debian-release@lists.debian.org
Subject: Re: Bits from the release team: Release goals, schedule, state of the union
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 26 Aug 2009 18:53:14 +0200
Message-id: <[🔎] 20090826165314.GA29885@inutil.org>
In-reply-to: <[🔎] 87ws4rnlf6.fsf@pindar.marcbrockschmidt.de>
References: <873a7fpqfv.fsf@pindar.marcbrockschmidt.de> <200908261435.07340.steffen.joeris@skolelinux.de> <[🔎] 87ws4rnlf6.fsf@pindar.marcbrockschmidt.de>

On Wed, Aug 26, 2009 at 08:23:09AM +0200, Marc 'HE' Brockschmidt wrote:
> Steffen Joeris <steffen.joeris@skolelinux.de> writes:
> > On Wed, 26 Aug 2009 06:51:48 am Marc 'HE' Brockschmidt wrote:
> >> Release Goals
> >> =============
> [...]
> >>  - kFreeBSD:
> >>     Debian 6.0 Squeeze should be the first Debian release shipping with
> >>     a non-Linux kernel.
> > Out of curiosity, how is security support working for this and who is 
> > providing it?
> 
> We [1] were hoping that kfreebsd-{i386,amd64} would be handled like i386
> and amd64 and be supported by the security team.
> 
> As we know that the security team's manpower is limited, we acknowledge
> this by asking you for any concers in supporting a architecture. For the
> Squeeze cycle, this hasn't been done yet [2], as we haven't decided yet
> which of the old architectures can't be supported from a release team
> point of view.
> 
> Including kFreeBSD architectures in the release has been in discussion
> for some time now, and we didn't see any official security team position
> on this yet, thus assumed there were no (big) concers. Should you have
> see some, please inform us soon.

The scope of security support for FreeBSD is different than for Linux:
FreeBSD doesn't treat local denial of service issues as security issues,
but rather as regular bugs (which is fine for > 90% of all systems).
I don't think we can do anything about this, so this needs to be documented
in release notes.

Other than that I don't see a problem. Security issues in the FreeBSD
kernel are infrequent. Testing can be a problem, so we need someone from
the kfreebsd porters to build and test the update for us. Since Aurelien
has been doing that for the existing - unsupported - packages in Lenny
already (in the form of stable-proposed-updates), everything should be
fine if he continues to do so.

Also we should aim at only supporting one kernel for FreeBSD in the Squeeze
release. (I don't know the current state, but IIRC there were multiple
kfreebsd kernel packages in the past).

Cheers,
        Moritz

Reply to:

References:
- Re: Bits from the release team: Release goals, schedule, state of the union
  - From: Marc 'HE' Brockschmidt <he@ftwca.de>

Prev by Date: Re: will 2.6 be default?
Next by Date: Re: will 2.6 be default?
Previous by thread: Re: Bits from the release team: Release goals, schedule, state of the union
Next by thread: Re: Bits from the release team: Release goals, schedule, state of the union
Index(es):
- Date
- Thread