Jason L Tibbitts III (tibbs@xxxxxxxxxxx) said: > So, assume for the sake of argument that the maintainer doesn't > respond to the bug. At what point does someone need to take action? > Who takes that action? I suppose it could be up to the Extras Steering Committee, or any security team that they then designate. > JB> There is no fedora-extras-announce list. > > Does this strike anyone else as a bad idea in the long run? > extras-list is too high-volume to expect people to watch for security > releases, and I doubt Red Hat wants to open up the more official > announcement lists to the likes of me. Hm. I suppose it's possible to do updates in that manner (fedora-announce-list) Once we get the advisory format settled in the metadata, it should be easy enough for somebody to whack up a quick system that sends the mail & adds the data. My main concern with opening up fedora-announce-list is that I wonder if the increase of volume because of *non*-security updates would clutter the list. Bill
