'Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774
From:       Rich Freeman <rich0 () gentoo ! org>
Date:       2018-10-20 13:29:32
Message-ID: CAGfcS_nW5qCCNKV=k-zVG7H5V4PrDCka4VFb1WuMtCt75rb1pg () mail ! gmail ! com
[Download RAW message or body]

On Sat, Oct 20, 2018 at 8:19 AM Andreas Sturmlechner <asturm@gentoo.org> wrote:
>
> On Freitag, 12. Oktober 2018 14:50:55 CEST Rich Freeman wrote:
> > ARM is not a Gentoo security supported arch.
> >
> > If the ARM maintainers feel that stable keywords make the lives of
> > their users better, and it isn't causing problems for anybody else,
> > I'm not sure why we should be interfering with this.
>
> That's interesting. If it's not security supported, does that mean we can
> simply clean up vulnerable versions and drop every arm revdep to ~arm?
>
> Or are we supposed to keep vulnerable versions around and drop every keyword
> except arm?
>

Setting aside the security supported flag that was already discussed,
there is also a council decision regarding this general topic [1].
The only issue is that I'm not certain if it was intended to apply to
ARM, or only to specific arches [2].

The last policy was:

"If a maintainer has an open STABLEREQ, or a KEYWORDREQ blocking a
pending STABLEREQ, for 90 days with archs CCed and otherwise ready
to be stabilized, the maintainer can remove older versions of
the package at their discretion. A package is considered ready to be
stabilized if it has been in the tree for 30 days, and has no known
major flaws on arches that upstream considers supported." [1]

IMO that was written generically enough that it could apply anywhere,
but that is up to the Council.  In theory it could even be safely
applied to x86/amd64, especially since maintainers can
self-stabilize/keyword on those arches typically.

[1] - https://projects.gentoo.org/council/meeting-logs/20131119-summary.txt
[2] - https://projects.gentoo.org/council/meeting-logs/20130917-summary.txt


-- 
Rich

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic