Am Samstag, den 14.01.2006, 11:16 +0100 schrieb Hans de Goede: > I'm busy to add my 2 cents to the wiki page. You seem however to have > forgot to add a note about this and a link to that page on the actual > Schedule page. /me checks. Missing. /me wonders why seem /me did not save the page after editing Fixed soon. CU thl > Thorsten Leemhuis wrote: > > Am Freitag, den 13.01.2006, 16:23 -0500 schrieb seth vidal: > >> On Fri, 2006-01-13 at 15:20 -0600, Josh Boyer wrote: > >>>> On Fri, 2006-01-13 at 15:15 -0600, Josh Boyer wrote: > >>>>> Now the real question is, should there be some sort of defined policy > >>>>> for security fixes? > >>>> I'd be game with making a extras-security alert address that had the > >>>> package signers and some other security folks on it so we could expedite > >>>> things if need be. > >>>> > >>>> but a private list, for obvious reasons. > > > > I'm not 100% sure if it needs to be private. I don't like "security by > > obscurity". But of course it needs to be private *if* we're discussing > > things under embargoed there. > > > >>> I'll second this. Seems like a good idea to me. > >>> Should we talk about embargos though? > >> why don't we just ask thorsten to add this to the agenda. > > > > Done. Created a page in the wiki at > > http://www.fedoraproject.org/wiki/Extras/Schedule/SecurityPolicy > > > > Could those interested in the topic summarize this thread there? And > > create a action list about the details that need to be discussed? After > > that we should probably discuss those on fedora-extras list. > > > -- > Fedora-maintainers mailing list > Fedora-maintainers@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-maintainers > -- Thorsten Leemhuis <fedora@xxxxxxxxxxxxx>
