Gentoo Archives: gentoo-project

From: "Michał Górny" <mgorny@g.o>
To: gentoo-project@l.g.o
Subject: Re: [gentoo-project] Re: [gentoo-dev-announce] call for agenda items, council meeting 8/13
Date: Thu, 03 Aug 2017 07:06:25
Message-Id: 1501743979.1020.2.camel@gentoo.org
In Reply to: [gentoo-project] Re: [gentoo-dev-announce] call for agenda items, council meeting 8/13 by Mike Pagano
1 On pon, 2017-07-31 at 18:13 -0400, Mike Pagano wrote:
2 > On 07/31/2017 10:15 AM, William Hubbs wrote:> All,
3 > >
4 > > The next Gentoo Council meeting is on Sunday, aug 13 at 18:00 UTC in the
5 > > #gentoo-council channel on freenode.
6 > >
7 > > Please reply to this message with any items you would like us to discuss
8 > > or vote on.
9 >
10 > <snip>
11 >
12 > I would like to submit the following for the council to discuss and vote
13 > upon.
14 >
15 > At the moment, we have a capacity problem around kernel stabilization.
16 > Upstream kernels are released at an extremely high rate and the Gentoo
17 > Kernel Maintainers do their best to release them shortly thereafter.
18 >
19 > Sometimes, arch teams are not able to respond to stablereqs in a timely
20 > manner. This is not a complaint on their efforts, just a description of
21 > what happens often for arch teams that are stressed to capacity.
22 >
23 > When the motivation for a STABLEREQ is a high severity security bug
24 > (e.g. root exploit), this delay in stabilization results in us having to
25 > keep exploitable kernels in the tree in order not to drop the latest
26 > stable for a specific architecture.
27 >
28 > The procedure outlined below allows for auto-stabilization of minor
29 > bumps by the Gentoo kernel team for any previously stabled major version
30 > kernel.[1]
31 >
32 > I welcome discussion, better ideas or anything else that makes
33 > everyone's lives easier and user's systems more secure.
34 >
35
36 I'm not sure if this is really something for the Council to discuss.
37 Sounds like a regular problem that's best dealt either with arch teams
38 directly or on gentoo-dev.
39
40 <private hat>
41
42 I don't mind stabilizing new minor releases automatically but I'd prefer
43 if they were at least build-tested with the default config once.
44 However, I doubt anybody's going to shoot you if you take
45 the responsibility for your actions and don't break anything important
46 in the process.
47
48 </private hat>
49
50 --
51 Best regards,
52 Michał Górny

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies