On Tue, Apr 12, 2005 at 05:14:26PM +0300, Pekka Savola wrote: > So.. Why do we want these bugs? If Fedora didn't fix them while they > had the responsibility, they surely shouldn't be shorned in our > direction either ? Um, because some of them are security bugs that they never got around to fixing. That's kind of annoying (Fedora security process definitely seems to be disturbingly low priority -- see the perl-suid buffer overflow trivial root exploit, for example) but I don't really care whose responsibility it ought to be, since there are people who are depending on us to make available patches to secure their systems. I think all the non-security FC2 bugs should be closed as WONTFIX, with the note: "Fedora Core 2 is now maintained for security updates only by the Fedora Legacy project. If this problem is a security issue, please reopen and reassign to the Fedora Legacy product. If it is not a security issue and hasn't been resolved in the current FC4 test release, reopen and change the version to match." But I am a bit reluctant to do this to 1100+ bugs without some general agreement that this is a good idea. -- Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
