[OE-core] [PATCH RFC CFH][sumo 00/47] CVE check backport

Khem Raj raj.khem at gmail.com
Mon Nov 11 15:54:34 UTC 2019 

On Mon, 2019-11-11 at 16:14 +0200, Adrian Bunk wrote:
> On Mon, Nov 11, 2019 at 01:12:47PM +0000, Richard Purdie wrote:
> > On Mon, 2019-11-11 at 12:42 +0200, Adrian Bunk wrote:
> > > On Thu, Nov 07, 2019 at 04:32:35PM +0000, Richard Purdie wrote:
> > > > On Thu, 2019-11-07 at 07:55 -0800, akuster808 wrote:
> > > > ...
> > > > > Are you taking the other patches also submitted for sumo ?
> > > > 
> > > > I am worried about what the bigger picture for this looks like
> > > > but
> > > > we
> > > > could try testing them. I think the TSC needs to discuss this.
> > > 
> > > How were community supported branches supposed to work?
> > > 
> > > All branches from 2.1 (sic) are documented as supported in the
> > > wiki.
> > 
> > That was changed recently
> 
> What was changed recently was that the pre-2.1 branches were marked
> EOL:
> https://wiki.yoctoproject.org/wiki/index.php?title=Releases&diff=62334&oldid=62324
> 
> Non-stable branches are documented as community-supported since 2014:
> https://wiki.yoctoproject.org/wiki/index.php?title=Releases&diff=12747&oldid=12743
> 
> > and I kind of wish we'd waited until we'd
> > followed through with a consistent plan which covers the spectrum
> > of
> > EOL/community/stable/LTS.
> > 
> > As I've said in a few places, the TSC really needs to figure this
> > out
> > and its complicated by the LTS discussions. Those discussions are
> > happening but aren't simple.
> 
> Past releases and future releases might be separate topics.
> 
> Please keep in mind that many people already have to support products
> on existing stable branches, working under the assumption that
> patches 
> submitted by the community will be accepted.
> 
> Closing future non-LTS branches early might be OK if this is part of
> a 
> clearly communicated EOL schedule for future LTS and non-LTS
> releases, 
> like it is clear when Ubuntu releases will be released and for how
> long 
> they are supported.
> 
> But this visibility on upstream support is needed before deciding on
> a Yocto release for a product. Future LTS releases are irrelevant
> for 
> existing products that cannot move to a different stable branch.
> 

current and prior two releases are actively maintained. So that should
have been the consideration when selecting a release for production in
past. see

https://wiki.yoctoproject.org/wiki/Stable_branch_maintenance


> > Cheers,
> > 
> > Richard
> 
> cu
> Adrian
> 
> -- 
> 
>        "Is there not promise of rain?" Ling Tan asked suddenly out
>         of the darkness. There had been need of rain for many days.
>        "Only a promise," Lao Er said.
>                                        Pearl S. Buck - Dragon Seed
>

More information about the Openembedded-core mailing list