Comment 39 for bug 790538

Jamie Strandboge (jdstrand) wrote :

I would like to briefly follow up to let people know that regressions are treated very seriously in Ubuntu. Regressions are closely examined to identify areas of improvement going forward, and as such, we have created a public incident report in:
https://wiki.ubuntu.com/IncidentReports/2011-05-31-pam-security-update-breaks-cron

Full details can be seen in that report, but here is a quick summary of what happened after the regression was found:
 * mirroring was stopped
 * the regressed packages were removed from the Ubuntu archive
 * the cause of the regression was identified and updates prepared
 * the fixed packages were built and verified to correct the issue and then were published to the archive
 * once it was established that mirroring could be safely re-enabled, it was
 * an email was sent to ubuntu-security-announce (https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001341.html)
 * the Ubuntu website was updated (http://www.ubuntu.com/usn/usn-1140-2/)

We are still conducting a post-mortem of the incident and identifying areas of improvement so this does not happen again. One improvement that has already been made is we have adjusted our pam test scripts to catch this problem in the future.

We apologize for the inconvenience.