[CentOS] Re: tzdata update, but no announcement?

Mon Apr 2 19:38:36 UTC 2007
Johnny Hughes <mailing-lists at hughesjr.com>

On Thu, 2007-03-29 at 11:01 -0700, Joe Pruett wrote:
> > Joe Pruett wrote:
> >> >  Is it this one in the upstream?
> >> > 
> >> >  https://rhn.redhat.com/errata/RHEA-2007-0128.html
> >>
> >>  yes, that is the one.  i was wondering if the announcement just was
> >>  forgotten or if the updates wasn't really ready yet but slipped into the
> >>  repos.
> >
> > Which would annoy you more?
> > 1. Update sans announcement
> > 2. Announcement sans update.
> >
> > There will always be a timing issue, and I'd go with releasing the update, 
> > allowing mirrors to sync and then the announcement.
> 
> i was actually more concerned about a rogue package getting slipped in 
> somehow.

That is why we sign packages ... if it has our key, it is good to go :P

The real issue was that RH initially released it for fastrack, then they
moved it without announcement (it is a bug fix and not a security fix)
into main updates for el3 ... we followed suit.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20070402/23eb9b4b/attachment-0004.sig>