On 8/7/20 3:46 AM, Nicolas Kovacs wrote: > Le 07/08/2020 à 09:40, Alessandro Baggi a écrit : >> Probably many users have not updated their machines between the bug release and >> the resolution (thanks to your fast apply in the weekend, thank you) and many >> update their centos machines on a 2 months base (if not worst). I think also >> that many users of CentOS user base have not proclamed their >> disappointement/the issue on this list or in other channels. For example I >> simply updated in the wrong time. > > I'm using yum-cron to keep all my server updated on a daily basis. > > And my question "How could this have passed Q & A" was obviously directed at > Red Hat... and *not* at Johnny Hughes and the CentOS team who do their best to > deliver the best possible downstream system. I raise my morning coffee mug to > your health, guys. > > Cheers, > > Niki > I can assure you .. a BUNCH of testing was done. Because of the scope of this udpate, the CentOS team was looped in during the embargo stage (we normally are not .. Red Hat Engineering got permission to make this happen for this issue). Normally we see things that are open source only .. not embargoed content. Once the embargo gets lifted, the items become open source. Kudos to the RH team for making this happen. The CentOS team worked with the RHEL team on this update for several days (more than a week, for sure, maybe 2 weeks) I gained MUCH respect for all those guys .. especially Peter Jones. He is Mr.Secure Boot. I personally tested both the c8 and c7 solutions on several machines (All i have access to actually, including several personal machines that have secureboot). I saw some of the testing that happened on the RHEL side. It was extensive. Microsoft, Debian, Ubuntu and others also had issues with this .. so if you are losing trust, you are losing it with all OS vendors WRT this issue. All I can say is .. this issue was the hardest thing I have been involved with since starting with the CentOS Project 17 years ago. Obviously, everyone involved in this build would have prevented this from happening if they could have. Secureboot is complicated. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 195 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20200807/7c1e964f/attachment-0005.sig>