On Fri, Sep 18, 2015 at 22:57:27 +0200, Gaudenz Steinlin wrote: > > Hi debian-release > > Gaudenz Steinlin <gaudenz@debian.org> writes: > > > Gaudenz Steinlin <gaudenz@debian.org> writes: > >> I'd like to update ceph in jessie to the latest upstream bugfix release. > >> The version of ceph in jessie is a long term support (LTS) release which > >> will receive updates at least until January 2016. Updates will be bugfix > >> only. New features go into new release which are developed in parallel. > >> See at the end of this report for the upstream changelog. > >> > >> See http://ceph.com/docs/master/releases/ for the ceph release timeline > >> and support statement. > >> > > > > Just as an additional data point, Ubuntu has a "Minor Release Exception" > > for stable updates for their ceph package [1]. > > In the meantime another stable point release of ceph 0.80 (0.80.10) was > released and on top of that there is a (minor) security issue which > won't be fixed through a security update but which would be nice to fix > by a stable update (see bug #798567 / CVE-2015-5245)). > > As another stable update has passed, it would be nice if someone of the > stable release team could comment on this and eventually decide if they > are OK with the proposal to follow the ceph stable branch or if they > don't like it and would prefer an update just fixing the security bug. > It would be nice to have a decision soon, so that there is enough time > to prepare and test the update for the next stable point release. > What does the QA process on upstream's bugfix releases, and on the Debian side for the proposed stable updates, look like? So far I'm leaning towards rejecting this request, as I don't want to spend that much time reviewing these changes, and as you see we're already way behind on stable update requests. Thanks, Julien
Attachment:
signature.asc
Description: PGP signature