| 1 |
begin quote |
| 2 |
On Tue, 10 Aug 2004 00:01:07 +0000 |
| 3 |
Kurt Lieber <klieber@g.o> wrote: |
| 4 |
|
| 5 |
> One think that I think *everyone* agrees on is that any stable tree |
| 6 |
> needs to be regularly updated with security fixes. With this in mind, |
| 7 |
> I'm concerned with trying to maintain multiple separate SYNC modules. |
| 8 |
> We'd have to upgrade each one with every GLSA, thus doubling or |
| 9 |
> tripling the amount of CVS work needed each time. |
| 10 |
|
| 11 |
Once again, coming from an ISV standpoint where we would have loved to |
| 12 |
use Gentoo (or, I would, some of the people wouldn't care, and one or |
| 13 |
two i'd have to beat to make them bend to my will, but whatever ;) |
| 14 |
|
| 15 |
We had to scrap both Gentoo -and- Debian stable trees. Why? Because |
| 16 |
both update the -main- repository when releasing security fixes/ |
| 17 |
bugfixes. Neither have a stable tree thats archived once and never |
| 18 |
changes. |
| 19 |
|
| 20 |
If you have to actively change a tree (modifications directly into the |
| 21 |
"frozen" tree) which is the case in many environmens, you get stuck with |
| 22 |
this problem. if upstream ever changes their tree, work is lost. You can |
| 23 |
separate local trees and so on, however, once again work is lost when |
| 24 |
internal revisions have superceeded the ones in the tree. (fex, local |
| 25 |
changes to sshd to patch ther initscripts and default config files |
| 26 |
before rollout, which ups the revision of openssh a few times, and then |
| 27 |
there is a backported securityfix? It won't get merged. ) |
| 28 |
|
| 29 |
this is why I'd like to push, once more, for separated "stable" (frozen |
| 30 |
snapshot basically) and "updates" pushed in a separate repo. If we |
| 31 |
want others to use this in enterprise, we have to make it easy for them. |
| 32 |
:-) |
| 33 |
|
| 34 |
//Spider |
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
-- |
| 39 |
begin .signature |
| 40 |
Tortured users / Laughing in pain |
| 41 |
See Microsoft KB Article Q265230 for more information. |
| 42 |
end |
Archives