From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id AA0F0138334 for ; Sat, 20 Oct 2018 13:29:49 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EB594E088B; Sat, 20 Oct 2018 13:29:45 +0000 (UTC) Received: from mail-pg1-f195.google.com (mail-pg1-f195.google.com [209.85.215.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 941D4E07EC for ; Sat, 20 Oct 2018 13:29:45 +0000 (UTC) Received: by mail-pg1-f195.google.com with SMTP id 32-v6so5809563pgu.2 for ; Sat, 20 Oct 2018 06:29:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=w9a22dMv4jJ1thdJ7qaDzikVt9tFw3edPEWRKdE2t/Q=; b=rQTCUrkfuxZcVxTd1DXAY4WB5fa1tfcDy1bsCZTaXRtHFdOL+No6EZID7hEA9S8C0E 9d6gZPaliAT3GvHfcTR4cqysT6/hbN80yXqRLtyHK5KuAnkENf1GipVKo83pXBIqLiJv iPj1/MAOyFgSWC5d9kl+WHu7BHgdC7suhrU15bkmYXVqK51ThamT5MOxTEYFq4YClxwF 0a+istupbzwaLyAY5HuN5iJpPrURAjISFYOh9o3vvwmJoYwZ3LIUd+ua46SqKpt/7v6l V8bnr8o+zfcilvQkYK/GUSWQYWnu3wXWqOlnAAhVF+WkgWiO1DyxJPrYWaU7EqyopLdb Msnw== X-Gm-Message-State: ABuFfohk7qep8zeq0BIrKNWKkDuq3Wl3f4p0XIDQoCj7nwfdKjuIjn8Y REJVhTh7SB8UNYPle688WXk6JA8CAqvi228grDMvskpQ X-Google-Smtp-Source: ACcGV62x/XlXObcdtf5dumaMhKv4VUvHQqopl8Jv7JZ992tb/C7HY+ehDveZO3JdJwLrRaB1tqZhNK5/xUxl1GnJayg= X-Received: by 2002:a63:c5a:: with SMTP id 26-v6mr36233308pgm.372.1540042183869; Sat, 20 Oct 2018 06:29:43 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 References: <673fa7bc-c3f6-9c76-5675-783754ce3e9a@gentoo.org> <95271f29-6c3c-1b9c-f12b-96c467b8bdec@gentoo.org> <13279775.bTPpegArPH@tuxk10> In-Reply-To: <13279775.bTPpegArPH@tuxk10> From: Rich Freeman Date: Sat, 20 Oct 2018 09:29:32 -0400 Message-ID: Subject: Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774 To: gentoo-dev Content-Type: text/plain; charset="UTF-8" X-Archives-Salt: 1fc3e926-23b1-4ba0-a7f0-2e868333c50c X-Archives-Hash: 01c9d4aa6d62e1213b03b6bb2e4584ab On Sat, Oct 20, 2018 at 8:19 AM Andreas Sturmlechner wrote: > > On Freitag, 12. Oktober 2018 14:50:55 CEST Rich Freeman wrote: > > ARM is not a Gentoo security supported arch. > > > > If the ARM maintainers feel that stable keywords make the lives of > > their users better, and it isn't causing problems for anybody else, > > I'm not sure why we should be interfering with this. > > That's interesting. If it's not security supported, does that mean we can > simply clean up vulnerable versions and drop every arm revdep to ~arm? > > Or are we supposed to keep vulnerable versions around and drop every keyword > except arm? > Setting aside the security supported flag that was already discussed, there is also a council decision regarding this general topic [1]. The only issue is that I'm not certain if it was intended to apply to ARM, or only to specific arches [2]. The last policy was: "If a maintainer has an open STABLEREQ, or a KEYWORDREQ blocking a pending STABLEREQ, for 90 days with archs CCed and otherwise ready to be stabilized, the maintainer can remove older versions of the package at their discretion. A package is considered ready to be stabilized if it has been in the tree for 30 days, and has no known major flaws on arches that upstream considers supported." [1] IMO that was written generically enough that it could apply anywhere, but that is up to the Council. In theory it could even be safely applied to x86/amd64, especially since maintainers can self-stabilize/keyword on those arches typically. [1] - https://projects.gentoo.org/council/meeting-logs/20131119-summary.txt [2] - https://projects.gentoo.org/council/meeting-logs/20130917-summary.txt -- Rich