public inbox for [email protected]
help / color / mirror / Atom feedFrom: Stefan Kaltenbrunner <[email protected]>
To: Josh Berkus <[email protected]>
Cc: [email protected]
Subject: Re: How to coordinate web team for security releases?
Date: Mon, 05 Feb 2007 20:59:51 +0100
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
<[email protected]>
<[email protected]>
Josh Berkus wrote:
> Stefan,
>
>> well not that is closely related to the -www issue but the fix/patch
>> will end up on anoncvs/viewcvs days before the release too (and will get
>> published including the Security: tag and the commit message there and
>> distributed to the buildfarm boxes at least).
>> So to keep it really under the hood would probably be quite difficult to
>> do.
>
> Actually, we were discussing mechanisms to change that on -core. Suggestions
> are welcome. Mostly we just want to keep a tight lid on security expoloit
> information until the day of release.
yeah I understand the reasoning - but given the rather distributed
nature of the postgresql infrastructure I guess it might be very
difficult if not impossible to get down to less then 72 or 48 hours.
One needs that time to commit the patch and probably wait for at least
one round of buildfarm results, tag all the affected branches and build
the tarballs and finally all the packagers need to build at least the
most important binary packages.
Stefan
view thread (50+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: How to coordinate web team for security releases?
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox