On Fri, May 23, 2014 at 10:01:46AM -0400, Eric H. Christensen wrote:
> I dislike the idea of a separate repo for ultra-critical updates. Once a fix is available for a vulnerability it should, IMO, be shipped as soon as possible. I know this doesn't fit into the Microsoft model or our model of community testing but really as soon as you go public with a fix you've also just notified all the "bad guys" out there to the vulnerability and exactly how to exploit it. It's a race condition at that point.

I'm not sure I follow here. What do you dislike? This isn't meant to be a hidden repo -- it's the "ship as soon as possible!" repo, so it sounds like you're agreeing.

> I'd much prefer to have a mechanism in place that allows these fixes to be pushed to the repos almost immediately (once they've been properly tested). I'm not exactly sure how this can work but perhaps having QE tested patches packaged and ready for the embargo time would meet Release Engineering's criteria for testing?

Right, exactly -- that's the mechanism I'm looking for.