On Wed, Mar 23, 2005 at 01:35:47AM -0800, Steve Langasek wrote: > RC3 of Debian Installer is already being finalized, with only the CD builds > to finish up today and tomorrow; the ABI change is being held of testing in > the meantime. This leaves the following possible options: > > - Add the security fix in before sarge's release, with a change to the > package names to reflect the ABI change. This will probably require at > least a month to get all kernel images rebuilt and integrated into a > debian-installer RC4 build, during which time the sarge release would be > delayed.
How big is the possiblity that we get a new security fix during that time that breaks the ABI again? I guess we can play this game a loooong time... > - Add the security fix in before sarge's release, without changing the > package names. This may break some third-party kernel modules currently > deployed on systems running testing. No one I've spoken to about this > knows of any such modules that are definitely affected, but Andres Salomon > has objected to this approach nevertheless. > - Defer the update until after release, definitely with a change to the > package names. This would be for the security team, the kernel team, and > the d-i team to work out the details of; it would almost certainly require > a d-i update. How big is the chance that we will have another ABI change during sarge's lifetime (100%?). So it can't hurd to figure out the problems with that now independently of our decision in this matter... > Since the kernel team is vetoing the idea of silently allowing this small > ABI change through before release (which was my preference), and we don't > want to delay the release for another round of d-i/kernel updates, that > seems to leave a post-release security update as the only other option. Is > this acceptable? I seem to remember that there were some ABI-changing > updates in woody as well, and now that the kernel team is tracking ABI > changes, they seem to be common even in security fixes; but I wanted to get > your input first to be sure, in case you felt this needed to happen before > release for whatever reason. > > It also seems, according to the latest emails, that the same security fix is > going to cause an ABI change for the 2.4 kernels. Doing full updates of > both 2.4 and 2.6 kernels before release would push my estimate out from 1 > month to 2, based on recent experience. My experience with the whole kernel stuff is limited so excuse the question: Where is the bottleneck? Building the kernels, testing the kernels or whatever else? Gruesse, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
