Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-dev

From: Rich Freeman <rich0@g.o>
To: gentoo-dev <gentoo-dev@l.g.o>
Subject: Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774
Date: Sat, 20 Oct 2018 13:29:49
Message-Id: CAGfcS_nW5qCCNKV=k-zVG7H5V4PrDCka4VFb1WuMtCt75rb1pg@mail.gmail.com
In Reply to: Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774 by Andreas Sturmlechner
1 On Sat, Oct 20, 2018 at 8:19 AM Andreas Sturmlechner <asturm@g.o> wrote:
2 >
3 > On Freitag, 12. Oktober 2018 14:50:55 CEST Rich Freeman wrote:
4 > > ARM is not a Gentoo security supported arch.
5 > >
6 > > If the ARM maintainers feel that stable keywords make the lives of
7 > > their users better, and it isn't causing problems for anybody else,
8 > > I'm not sure why we should be interfering with this.
9 >
10 > That's interesting. If it's not security supported, does that mean we can
11 > simply clean up vulnerable versions and drop every arm revdep to ~arm?
12 >
13 > Or are we supposed to keep vulnerable versions around and drop every keyword
14 > except arm?
15 >
16
17 Setting aside the security supported flag that was already discussed,
18 there is also a council decision regarding this general topic [1].
19 The only issue is that I'm not certain if it was intended to apply to
20 ARM, or only to specific arches [2].
21
22 The last policy was:
23
24 "If a maintainer has an open STABLEREQ, or a KEYWORDREQ blocking a
25 pending STABLEREQ, for 90 days with archs CCed and otherwise ready
26 to be stabilized, the maintainer can remove older versions of
27 the package at their discretion. A package is considered ready to be
28 stabilized if it has been in the tree for 30 days, and has no known
29 major flaws on arches that upstream considers supported." [1]
30
31 IMO that was written generically enough that it could apply anywhere,
32 but that is up to the Council. In theory it could even be safely
33 applied to x86/amd64, especially since maintainers can
34 self-stabilize/keyword on those arches typically.
35
36 [1] - https://projects.gentoo.org/council/meeting-logs/20131119-summary.txt
37 [2] - https://projects.gentoo.org/council/meeting-logs/20130917-summary.txt
38
39
40 --
41 Rich
Report Message
Find on MARC Find on Google Groups