On 5/30/2011 6:12 PM, Alan Bartlett wrote:
Johnny and I spoke about this a few days back and we think the best way to solve the problem around delayed srpms + waiting for isos, build and QA at the time of a point release is to get something like a 'Continous Release' repository going.
<snip>
One solution: Export packages as they are built from the c[456]bsys into a repository that people can opt into, that would allow them to get early access to packages.
That reads like a very good solution, to me.
I would certainly appreciate the updated packages that resolve particular CVEs, whereas for plain bug-fixes I could wait.
Agreed on the security-related fixes being the important ones, but I suspect that build-order dependencies will apply anyway and there's no reason to hold back working updates. In any case, prioritizing the update stream ahead of work on anaconda and iso-building makes sense for the same reasons 5.6 was pushed ahead of 6.x work. It's just bad for everyone to leave known security vulnerabilities on currently running machines. Personally, I'd consider that important enough to make it the default, although in that case maybe they should go though the 'testing' repo first and require some large-scale feedback first.