[OE-core] bugzilla.yoctoproject.org policy for bugs against multiple releases
Burton, Ross
ross.burton at intel.com
Mon Apr 18 10:26:26 UTC 2016
Hi,
At the moment we don't really have a policy for oe-core bugs in
bugzilla.yoctoproject.org that apply to multiple releases, for example
https://bugzilla.yoctoproject.org/show_bug.cgi?id=9400. This is a CVE bug
that should be fixed in all supported branches, and indeed Sona has sent
patches for Fido/Dizzy/Jethro/master. Of course now we've got to track
where these patches are in the submission process and ensure that we don't
drop any of these, but bugzilla only has a single target milestone for each
bug.
I propose that for bugs such as this we file a bug report for master and
then clone it (there's a Clone This Bug button at the bottom) for each
stable release that is affected. Then each bug can have it's own target
milestone set and we can be sure that the patches don't get left out of
being merged and that QA can effectively verify each branch.
Any objection or feedback? (the first person to suggest moving to Jira gets
to manually review all CVEs from CVE-1999-0001 onwards are fixed in
krogoth).
Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20160418/92ec8eba/attachment-0002.html>
More information about the Openembedded-core
mailing list