Announcement

Collapse
No announcement yet.

Fedora Forms Process For Retiring Packages With Open Security Issues

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Fedora Forms Process For Retiring Packages With Open Security Issues

    Phoronix: Fedora Forms Process For Retiring Packages With Open Security Issues

    Last year Fedora's Engineering and Steering Committee approved a plan to drop packages with consistently bad security track records where these packages aren't being punctually maintained in order to address known security vulnerabilities or potentially unmaintained entirely. FESCo has now approved a set of guidelines for the process by which these packages can be retired from Fedora but still stand a chance to be re-adopted and maintained...

    Fedora Forms Process For Retiring Packages With Open Security Issues - Phoronix
    http://www.phoronix.com/scan.php?page=news_item&px=Fedora-Process-Dropping-Bad-RPM
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    Here is me hoping Debian would actually even considering something like that.
    • Likes 1

    Comment

    • #3
      This bit is quite nice:
      "We can start this process 10 weeks before branching and send weekly notifications for 4 weeks and retire them after 4 weeks of notifications, which gives them 6 weeks to get them back into distribution before branching."
      So if it's in the release, it'll stay. If it's insecure for the next release, it'll be retired by default, but really easily fixed and brought back if there's still interest.

      Originally posted by bofh80

      Why not just bite the bullet and jump ship to fedora?
      They're completely different. I find there's such a giant difference even between CentOS and Debian already (one stays pretty new due to backports by default, the other has huge repositories; then there's still the difference between SELinux even on old versions of CentOS and AppArmour in Buster) so let alone Fedora and Debian.

      Comment

      • #4
        Originally posted by starshipeleven View Post
        Here is me hoping Debian would actually even considering something like that.
        But but but... Debian is supposed to be extremely secure already!!!
        • Likes 1

        Comment

        • #5
          Originally posted by Vistaus View Post

          But but but... Debian is supposed to be extremely secure already!!!
          *stable

          Comment

          Previous template Next
          Working...
          X