No edit summary |
No edit summary |
||
Line 21: | Line 21: | ||
critical-bugfix: loses/corrupts data, makes system inaccessible, makes system unable to receive updates, | critical-bugfix: loses/corrupts data, makes system inaccessible, makes system unable to receive updates, | ||
high-user-impact-bugfix: package/application in a critical-path or critical-path-dependencies have an important bugfix impacting users which is not a critical-bugfix but is still important | |||
security: has a cve or security notice defined with it | security: has a cve or security notice defined with it | ||
bugfix: correct a bug in the software not covered by critical-bugfix definition NOT INCLUDING Requests For Enhancements (RFEs) | bugfix: correct a bug in the software not covered by critical-bugfix definition NOT INCLUDING Requests For Enhancements (RFEs) |
Revision as of 18:19, 1 September 2010
updates policy for patch 'tuesdays':
Principle:
Updates should occur at regular intervals by and large. Not everyday and not haphazardly. Security and critical bugfixes should be issued asynchronously, but feature updates, new pkgs and non-critical bugfixes should be issued once a month for the duration of the distros supported lifetime.
specific rules:
- security and critical bugfixes are issued asychronously. FULL STOP.
- if the above require changes/rebuilds to other pkgs then those others pkgs will be included in the async update provided that, if they are an update beyond a rebuild then they have passed a qa check
- all other updates can be included in the monthly update push provided:
- they have passed testing karma checks
- they have passed autoqa checks
- it is not a bugfix(not including rfes) and update falls within the critical path or critical path dependencies, then it cannot be included.
- any other requirement fesco decides on.
definitions:
critical-bugfix: loses/corrupts data, makes system inaccessible, makes system unable to receive updates,
high-user-impact-bugfix: package/application in a critical-path or critical-path-dependencies have an important bugfix impacting users which is not a critical-bugfix but is still important
security: has a cve or security notice defined with it
bugfix: correct a bug in the software not covered by critical-bugfix definition NOT INCLUDING Requests For Enhancements (RFEs)