On Wed, Sep 25, 2019 at 03:14:26PM -0000, Viliam Križan wrote: > Hello Kevin, > > Sorry for late reply (I did not got it into my mailbox). No worries. > By retiring packages you mean this effort? > https://pagure.io/fesco/issue/1935 > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/ZCM54WM3WYZAJ3MXAOXJHLZCUGZONN3F/ Yep. Also: https://pagure.io/releng/issue/7793 > If that is that what you had in mind, then that depends on reading the security trackers (bugs with SecurityTracking keyword). Those bugs have the required information to process them, where severity maps to the impact of a vulnerability. > > Product Security will stop using the whiteboard field at all on CVE bugs. However, there will be means to retrieve the impact information from the bug's severity. Product Security will keep creating bugs for affected components in Fedora. ok. I guess when we have someone implementing the above they can look further into it. Thanks for the info. kevin
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
