Request for standing FFe for Chromium
kees.cook at canonical.com
Tue Jun 1 14:53:35 BST 2010
On Fri, May 21, 2010 at 12:05:19PM +0200, Martin Pitt wrote:
> Matt Zimmerman [2010-05-09 12:40 +0200]:
> > On Wed, May 05, 2010 at 06:16:58PM -0400, Jorge O. Castro wrote:
> > > Hi Tech board!
> > >
> > > The Google Chrome team just recently released a new beta, and people
> > > have been requesting for the corresponding Chromium build in Ubuntu.
> > > fta has explained how the Chrome release process works. At the
> > > browser session at the last UDS we decided that Chromium should have
> > > the same kind of policy that firefox has, that is the ability to just
> > > upload the latest stable however I don't think this was ever finalized
> > > by the tech board. I don't know if it was ever proposed, so I am just
> > > communicating Fabien's concern since users keep asking him when it
> > > will get updated in Lucid and I guess he was under the impression that
> > > we would just be putting in the updates as they came from upstream.
> > >
> > > At some point we'll also need to switch the package in the archive to
> > > follow the -stable channel when that is finished.
> > >
> > >  https://bugs.edge.launchpad.net/ubuntu/+source/chromium-browser/+bug/561510/comments/0
> > I think this is a matter for the release team, rather than the tech board.
> > Copying some of them.
> FWIW, other SRU exceptions were approved by the TB in the past (such
> as GNOME, firefox, hal-info, etc.).
> But with both my TB and my release hats on I +1 the permanent SRU
> approval. We do not have much choice here anyway, the support
> situation is even worse than with Firefox. There are only two sensible
> options, either we do not ship Chromium at all, or we keep putting the
> newest upstream releases into all stables.
While I recognize that there is little option besides doing SRUs, this is
different from the MicroReleaseException. Doing general FFe and single
SRUs is up to the release team.
So, in this case, I think for a single SRU, it doesn't need to involve the
TB. If you want a standing exception, that's more like a MRE, and for
that, I have to say -1 since there is no history about what makes a "good"
SRU with chromium. I think once a few SRUs have been successful, then an
MRE will be very easily granted, but since there's no history yet, it's
hard to have confidence in a standing MRE, even if we have "no choice"
Ubuntu Security Team
More information about the technical-board