On 11/02/2019 07:28, Bruno Friedmann wrote:
On dimanche, 10 février 2019 09.43:03 h CET Stephan Kulow wrote:
Hi,
The latest snapshot has built with glibc 2.29 and ruby 2.6 (and hopefully a good enough fix for netconfig), but as it hit openQA, too many problems appear.
https://openqa.opensuse.org/group_overview/1 shows > 60 failures and among things that are kind of expected (e.g. there was an update of the GNOME theme, which does not help openQA), all network installations fail to detect the installation source.
So this will need to be debugged before we can continue with releasing snapshots.
Greetings, Stephan
Thanks for the heads up, Coolo.
Am I the only victim of big chunks of changes ?
I'm still waiting an update (one for security reason, the other for the shake of all the goodness PostgreSQL 11 would bring to us)
https://build.opensuse.org/request/show/651973 since 3 months ago as PostgreSQL dba, we live naked !
https://build.opensuse.org/request/show/669145 which more recent (13 days) but a superseed of the 3 month https://build.opensuse.org/request/show/653551
If someone can provide an explanation about why we are not able to provide security first fix, in place of major upgrade which are known to stalled snapshot delivery, I would be really thanksfull to him(her), I always want to learn about our process.
And yes I've tried all that I can to contact directly maintainers to make it happen, before expressing this mail (that I can understand could look like a rumble), but hell the next PostgreSQL release will happen in a few weeks afterwards ;-)
In this issue there's a comment in the SR explaining "In order to get the CVE fix in, we should have a pgsql10 submission that does not rely on the libs being built by pgsql11 - since not everything builds with pgsql11 yet, we can't perform the switch" In general for significant security fixes we have the ability to push an update to the update repo without releasing a new snapshot. This is less then ideal so it only gets done if openQA is properly broken and the issue is significant. IE if there was another shellshock style vulnerability disclosed tomorrow we can still release a fix even with openQA in a bad state. Ideally the package would just have 1-2 patches containing the fix and wouldn't be a new feature release. -- Simon Lees (Simotek) http://simotek.net Emergency Update Team keybase.io/simotek SUSE Linux Adelaide Australia, UTC+10:30 GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B