On Mon, 17 Oct 2016 15:41:04 akuster808 wrote: > On 10/17/2016 02:34 PM, Paul Eggleton wrote: > > On Mon, 17 Oct 2016 15:23:55 Bruce Ashfield wrote: > >> On 2016-10-17 03:11 PM, Sona Sarmadi wrote: > >>> From https://wiki.yoctoproject.org/wiki/Stable_branch_maintenance: > >>> /General policies: / > >>> > >>> * /Fixes must go into master first unless they are applicable only to > >>> > >>> the stable branch; if back-porting to an older stable branch, the > >>> fix should first be applied to the newer stable branches before > >>> being back-ported to the older branch/ > >>> > >>> Does anyone know the reason for the policy above i.e. why fixes have to > >>> go to master first? > >> > >> The kernel has the same policy for -stable kernels. Speaking at a very > >> high level, it simply ensures that the development of maintenance/stable > >> branches does not move ahead of master in terms of fixes. > >> > >> That keeps development focused on the tip, where it belongs (versus > >> companies/people working in silos for an extended period of time), since > >> once in master many branches can benefit from it. > > > > Another way to think about this is what would happen if we didn't fix it > > in master first, then forgot to go back and do that? master (and the > > stable release that eventually follows from it) would potentially be left > > without the fix, so when you upgraded the vulnerability would come back. > > That applies for any fix , security or not.
Absolutely. Cheers, Paul -- Paul Eggleton Intel Open Source Technology Centre -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto