[CentOS-devel] Missing security updates

Jeff Johnson n3npq at mac.com
Thu Jul 22 16:34:47 EDT 2010


On Jul 22, 2010, at 4:26 PM, Charlie Brady wrote:

> 
> On Thu, 22 Jul 2010, Jeff Johnson wrote:
> 
>> What exactly is "closed" about the process? Sausages from the 
>> @redhat.com factory arrive on lthe CentOS oading dock, are examined, 
>> tallied, listed, stamped, processed, and re-distributed. The entire 
>> process for CentOS release engineering is easily seen, been the same 
>> since forever.
> 
> Do you have any references for the "examined, tallied, listed, stamped" 
> part of these processes? I was unaware that there was any external 
> visibility on these internal CentOS processes. There's nothing here, for 
> instance:
> 
> http://bugs.centos.org/view.php?id=4386
> 
> Is the information available elsewhere?
> 

All I have is 7 years of experience doing 14+ RHL releases and
years of meetups with most of the CentOS team @FOSDEM.

So no, I can't give a URI to a documented, formal, typeset, wiki
or web-page for what is involved.

Feel free to try the process yourself and see what is involved.
The entire process is quite simple to understand even if tedious.

>> There's nothing stopping anyone from grabbing the sausages in the 
>> "security release", building, installing, testing, and reporting 
>> "worksforme" to assist in expediting a "security release".
> 
> I'm not sure how that would help. We already know that Red Hat have built 
> and presumably tested these packages. If I say that I've built and tested 
> them, does that churn them through the CentOS process any quicker? Does  
> it add any assurance to the packages *as built by CentOS*?
> 

And again there's the assumption that there's nothing to do because the
release process is just cookie cutter gear turning.

The reality is quite different in my experience (but second-hand, I've
never personally experienced the CentOS "security" release process).

73 de Jeff
> ---
> Charlie
> _______________________________________________
> CentOS-devel mailing list
> CentOS-devel at centos.org
> http://lists.centos.org/mailman/listinfo/centos-devel



More information about the CentOS-devel mailing list