[CentOS-devel] Missing security updates
n3npq at mac.com
Thu Jul 22 20:34:47 UTC 2010
On Jul 22, 2010, at 4:26 PM, Charlie Brady wrote:
> On Thu, 22 Jul 2010, Jeff Johnson wrote:
>> What exactly is "closed" about the process? Sausages from the
>> @redhat.com factory arrive on lthe CentOS oading dock, are examined,
>> tallied, listed, stamped, processed, and re-distributed. The entire
>> process for CentOS release engineering is easily seen, been the same
>> since forever.
> Do you have any references for the "examined, tallied, listed, stamped"
> part of these processes? I was unaware that there was any external
> visibility on these internal CentOS processes. There's nothing here, for
> Is the information available elsewhere?
All I have is 7 years of experience doing 14+ RHL releases and
years of meetups with most of the CentOS team @FOSDEM.
So no, I can't give a URI to a documented, formal, typeset, wiki
or web-page for what is involved.
Feel free to try the process yourself and see what is involved.
The entire process is quite simple to understand even if tedious.
>> There's nothing stopping anyone from grabbing the sausages in the
>> "security release", building, installing, testing, and reporting
>> "worksforme" to assist in expediting a "security release".
> I'm not sure how that would help. We already know that Red Hat have built
> and presumably tested these packages. If I say that I've built and tested
> them, does that churn them through the CentOS process any quicker? Does
> it add any assurance to the packages *as built by CentOS*?
And again there's the assumption that there's nothing to do because the
release process is just cookie cutter gear turning.
The reality is quite different in my experience (but second-hand, I've
never personally experienced the CentOS "security" release process).
73 de Jeff
> CentOS-devel mailing list
> CentOS-devel at centos.org
More information about the CentOS-devel