Mandriva support and updates // 2009 followup
From time to time, several questions appear asking about the support for Mandriva products – either with bugfix updates, or the security ones. According to the policy, each update is assigned a specific advisory, which can affect one or more distributions. Besides, each advisory could receive an errata, to correct a regression caused by a previous update. Moreover, most of the updates fall into the bugfix (e.g., fixing some bad behavior or crash or simple improving the application), or security (fixing a security issue which could lead to remote compromising of the system, denial of service or other nasty effects) categories. We also have the general updates category, but this is not that different from bugfix updates, so I’ll count both of them together here.
Now that we are entering the year 2010, I thought that it would be interesting to give you some quick follow-up on how many updates were done during the last few years.
In 2009, there were a total of 436 security updates for all Mandriva-supported packages (e.g., the packages in Main repository), and a total of 288 bugfix updates. The bugfixes are usually provided by the package maintainers, who are responsible for issuing the fix/patch, properly testing the updated package, and send it to the secteam. Secteam does the final validation, signs the package with the update key, and releases the advisory (which is sent to a mailing list and to the Mandriva web site). Later, the packages are sent to the mirrors, and become available to the users.
With security updates, it is a bit different. The entire process is usually handled by the secteam, which is responsible for identifying the security issue, locating the relevant patch or solution, updating and testing the fix, and releasing the updated packages. After that, those updates have a similar fate to the bugfix ones (e.g., signing, releasing the advisory, and so on).
If we look into the detailed numbers, things become quite more interesting:
- In 2006, we had 67 bugfix updates and 250 security updates. In total, 10769 RPM files were provided as updates.
- In 2007, there were 144 bugfix updates and 262 security updates, with a total of 17786 updated rpm files
- In 2008, we had 213 bugfix updates and 264 security updates, totaling 25718 rpms provided as updates
- And in 2009, there were 288 bugfix updates and 436 security updates, with a total of 41024 rpms provided as updates.
So I’d say that Mandriva users are pretty well supported 
.
The Mandriva update process is now smooth, compared with some years back (missing signature, missing rebuilds, etc.).
It would have been interresting to know the part of “desktop updates” / “base updates”, and which version of the distribution was concerned. If we have twice RPMs but for 2 distributions, it’s not that impressive
Updates affect all the supported distro version.. During 2009, it was 2010.0, 2009.1, 2009.0, 2008.1 and 2008.0 for community distros; and CS3, CS4, MNF, MES5 and CD2008.0 for corporate ones. So that’s a lot – I think there never was so many supported distros in Mandriva.
As for desktop/base updates, it would be interested to count it indeed. I’ll see if there is a way to count it easily.
Nice little doc, it answers questions which many users never dared to ask. Honestly, the bugfix and security fix section is a book with seven seals for most users – good to clear this up a little bit. I translated this to German and put it on our news portal: http://www.mandrivauser.de/wordpress/?p=489