The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: slowing down point releases

To: bruce@pixar.com
Subject: Re: slowing down point releases
From: Thomas Koenig <ig25@mvmap66.ciw.uni-karlsruhe.de>
Date: Wed, 30 Jul 1997 22:55:59 +0200 (MET DST)
Cc: debian-private@lists.debian.org
In-reply-to: <m0wteuy-00IdTiC@golem.pixar.com> from Bruce Perens at "Jul 30, 97 01:00:00 pm"
Reply-to: Thomas.Koenig@ciw.uni-karlsruhe.de (Thomas König)
Resent-cc: recipient list not shown: ;
Resent-date: 30 Jul 1997 21:55:09 -0000
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"eJtbe3.0.pI5.zWxtp"@debian>
Resent-sender: debian-private-request@lists.debian.org

Bruce Perens wrote:

>One of the CD manufacturers called me this morning to ask about the
>expected frequency of point releases.

IMHO, we should make a point release whenever a fatal flaw is discovered
in Debian.

"Fatal flaw" is open to definition, of course.  I would suggest two reasons
why we would make something like that:

a) Fatal security flaws of the "make root fast" type, which are widely
   known (bugtraq, linux-security, ...).

b) Fatal installation errors which are likely to cause major headaches
   for many systems.

c) Errors which cause major problems in major applications (i.e. if
   TeX was unable to print, or if networking didn't work at all).

For anything else, I'd be wary to push an upgrade.  Security flaws are
likely to be the most frequent cause, anyway.

>He would like to have a product
>that is not obsoleted before it gets to store shelves.

He does have a point, which we can acommodate as far as possible by
restricting ourselves to making a point release only when it's necessary.

However, it might be wise to point out to him that his customers may
not actually need an upgrade if it's done because of a security flaw.
A typical multi-user system will probably have access to the latest
updates on the Internet, and somebody who runs the system with only
trusted users (e.g. a private machine) won't be affected by a typical
security hole.

I don't see a large conflict here.
-- 
Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet.
The joy of engineering is to find a straight line on a double
logarithmic diagram.

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

References:
- slowing down point releases
  - From: bruce@pixar.com (Bruce Perens)

Prev by Date: Re: slowing down point releases
Next by Date: Re: Crash any Debian Box
Previous by thread: Re: slowing down point releases
Next by thread: Re: slowing down point releases
Index(es):
- Date
- Thread