MicroReleaseExceptions
Differences between revisions 2 and 3
|
Size: 1008
Comment: fix indentation
|
Size: 920
Comment: change process
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 9: | Line 9: |
| * On a case-by-case basis, if the security team rates the chance of vulnerability exploitation greater than the chance of regression for a given update, it can skip SRU and go directly through the security queue. * The security team will have the responsibility to maintain and review the list of packages that are exceptions to the SRU rule, as well as approve package additions. |
* The technical board will have the responsibility to maintain and review the list of packages that are exceptions to the SRU rule, as well as approve package additions. * Changes to the exception list must be brought to the TB via email * Changes can be approved via any single TB member |
This is a proposed change, and must be ratified by the Tech Board first.
SRU micro version update exception
- Allow for an exception in SRUs to the "patch must be as small and unintrusive as possible" requirement for specific packages that meet the criteria:
- upstream supports micro-version updates to stable releases
- upstream has a sufficiently high level of regression testing for their stable releases
- regression tests are enabled in the package's build
- The technical board will have the responsibility to maintain and review the list of packages that are exceptions to the SRU rule, as well as approve package additions.
- Changes to the exception list must be brought to the TB via email
- Changes can be approved via any single TB member
- Existing de facto exceptions are:
- firefox
- mozilla-thunderbird, thunderbird
- postgresql-8.1, postgresql-8.2
StableReleaseUpdates/MicroReleaseExceptions (last edited 2015-09-29 16:25:28 by pitti)