Fwd: Re: Why do some updates skip proposed? (launchpad bug 589163)

Fri Jun 4 12:13:27 UTC 2010

Oops missed reply to all..

Sent from Android mobile

---------- Forwarded message ----------
From: "James Hogarth" <james.hogarth at gmail.com>
Date: Jun 4, 2010 1:36 AM
Subject: Re: Why do some updates skip proposed? (launchpad bug 589163)
To: "Arand Nash" <ienorand at gmail.com>

Given the nature of the regression in this case even 12 to 24 hours in
proposed would have shown the issue as no kvm guest could run at all....
given the relatively low importance of the security update according to cve
such an increased timeline shouldn't cause too much in the way of increased
vulnerability... as it was systems running kvm will have at least an extra
24 hours for the other cve items to be fixed now due to this.

Now naturally one should test updates on non-production systems anyway
before pushing out en masse.... and with a report to fix comitted time of
just 4 1/2 hours which is damn impressive... however for such a high impact
and obvious regression it does leave a bad taste in the mouth as to the
testing and stability of an update pushed to security repositories and
perhaps a lesson to be learned and acted upon.

James

Sent from Android mobile

>
> On Jun 3, 2010 10:20 PM, "Arand Nash" <ienorand at gmail.com> wrote:
>
> -----BEGIN PGP SIGNED MES...

>
>
> On 03/06/10 18:16, James Hogarth wrote:
> > Hey all,
> >
> Quick question for anyone that can give a q...

>
> As stated on https://wiki.ubuntu.com/KernelTeam/KernelUpdates:
>
> * Security updates will be u...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20100604/612a23e7/attachment.html>