Subject: | |
From: | |
Reply To: | |
Date: | Wed, 20 Dec 2006 20:58:54 +0000 |
Content-Type: | TEXT/PLAIN |
Parts/Attachments: |
|
|
On Wed, 20 Dec 2006, Troy Dawson wrote:
> Jon Peatfield wrote:
>> It just occurred to me (hey I'm stupid) that there is a possibility that
>> TUV might release security updates/errata at a time when many/most of the
>> main SL people are expecting to have some kind of vacation.
>>
>> Now I suspect that TUV are unlikely to release much on various dates which
>> are commonly vacation-days -- since their staff take time off too -- but
>> since there is an inevitable delay between an announcment and being able
>> to get/build/test the update SRPMs, this may run into 'holidays' etc.
>>
>> I started thinking about this because of the recent SAs for
>> tar/seamonkey/firefox/thunderbird -- I'd include URLs but that would mean
>> referencing TUV. Anyway being released on 19th December is possibly
>> uncomfortably close -- like I doubt that the SL3/4 packages can be made
>> before the 23rd...
>>
>> Of course our users are probably (mostly at least) away too so the risks
>> of delaying the installation a few more days are probably lower too.
>>
>> Am I worrying over nothing? I'm told that I often do.
>>
>> -- Jon
>
> Hi Jon,
> These errata (thunderbird, seamonkey, and firefox) are all marked critical.
> That gives them my highest priority. I'm pushing out the SL4 one's right
> after I send this e-mail and give them one last test.
> SL3 is on a slower machine, required customization, and so it's a little
> slower. They should be out in about 2-3 hours.
> So no worries there.
That is probably faster that it would take me to download/rebuild them
(without any mods changes etc).
Given that the mozilla.org didn't have the 1.5.0.9 versions when I checked
this morning (let alone any of the mirrors!), the speed is pretty amazing.
This also gives me an oportunity to hack the post-installation mess we do
to switch to a newer sun-java plugin while few people care...
> So, to answer your real question. If there are security errata released by
> the upstread vendor during the week between christmas and newyears, will we
> recompile them and release them?
>
> The answer is yes.
Excellent! though I do hope that you (plural) get to take at least some
time off... :-)
> We want to get them out there to be available to install.
> If you want to delay installing them, that is up to you. But we don't want
> to be the ones standing between you and your updates.
I keep being told off for ending up spending too much time here at this
time of year -- it is nice and quiet so I sometimes get to do (some) work
without interruptions... :-)
--
Jon Peatfield, Computer Officer, DAMTP, University of Cambridge
Mail: [log in to unmask] Web: http://www.damtp.cam.ac.uk/
|
|
|