How to track the backport of important fixes?
Elvis Angelaccio
elvis.angelaccio at kdemail.net
Wed Mar 9 22:54:07 GMT 2016
2016-03-09 22:50 GMT+01:00 Martin Gräßlin <mgraesslin at kde.org>:
> Am 2016-03-09 21:38, schrieb Elvis Angelaccio:
>
>> 2016-03-09 20:36 GMT+01:00 Thomas Pfeiffer <thomas.pfeiffer at kde.org>:
>>
>> On Monday, 7 March 2016 00:02:36 CET Elvis Angelaccio wrote:
>>>
>>>> Hi,
>>>> there is a problem that hit me recently that I would like to
>>>>
>>> discuss in
>>>
>>>> this new list.
>>>>
>>>> The issue is the following: due to incompatibilities between
>>>>
>>> different
>>>
>>>> release schedules, it may happen that a serious bug is introduced
>>>>
>>> on a dead
>>>
>>>> branch (i.e. a branch that won't see any new upstream release).
>>>>
>>>> In these cases, distributions who are stuck to those dead
>>>>
>>> branches (because
>>>
>>>> of some policy X) are supposed to backport the fixes. If this
>>>>
>>> does not
>>>
>>>> happen, the users of those distributions will be affected by
>>>>
>>> serious bugs
>>>
>>>> and this results in a bad reputation for KDE.
>>>>
>>>> This happened recently with Ark and Kubuntu.
>>>> The release of KXMLGui 5.17 exposed a serious bug in (at least)
>>>>
>>> Ark and
>>>
>>>> Kate. Since at that time the Applications/15.08 branch was
>>>>
>>> end-of-life, the
>>>
>>>> bugfix was released on master and (most) distributions got it
>>>>
>>> with the
>>>
>>>> following Application 15.12 release.
>>>>
>>>> However, at least Kubuntu has been stuck with Ark < 15.12 and
>>>>
>>> KXMLGui >=
>>>
>>>> 5.17, and their users get the Ark process to hang when closing
>>>>
>>> the app.
>>>
>>> I just talked to two KDE developers and this is what I got from the
>>> conversation was that the situation above simply should not have
>>> happened.
>>>
>>> Any bugs that happen in a specific version should be fixed in that
>>> stable
>>> branch.
>>>
>>
>> Even if the stable branch is end-of-life?
>>
>
> yes, end-of-life at a time where the next stable is not yet released,
> doesn't mean there cannot be patches any more. E.g. the lockscreen
> vulnerability fix went to all branches starting from 5.0.
>
> Also if it is severe enough it's always possible to do another bug fix
> release even for an end-of-life version.
>
Thanks, this answers my concern. I guess I will do this backport now
(better late than never).
> Cheers
> Martin
>
Cheers,
Elvis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/distributions/attachments/20160309/09f9a26e/attachment.htm>
More information about the Distributions
mailing list