[OpenAFS] When to publish security advisories?
Fri, 15 Apr 2011 16:31:17 -0700
David Boyes <firstname.lastname@example.org> writes:
> A variation of this comment: much of the complexity of deploying a fix
> is related to packaging. Investment in simplifying and automating the
> process of creating and deploying a new package would probably help
> somewhat with the pain level of creating a new release. The current
> build system is not helpful at all in that area.
I think this is already quite easy for systems with working package
management systems, and probably mostly irreducible complexity for systems
that don't have such a thing.
95% of the work on the Debian side for a security release is the
coordination with the Debian security team and the testing. The actual
packaging is trivial.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>