On Sunday 03 June 2007 10:07:45 Michael Schwendt wrote: > Hence there must be strategies which deal with these situations. > It is not acceptable that a user suffers from a broken dependency, > which makes it impossible to update FF, while the packager who > could fix the broken dep perhaps is on vacation, awol, whatever, > and it takes days if not weeks to find out. Sure. The current security team ideals is that a security team member can step in and apply security fixes or rebuild dependent packages in the absence of a maintainer. There needs to be a reasonable timeout though no? So there may still be a window where the update gets released, and the fringe packages are not updated to suit, until a timeout is reached and a security team member has to step in and issue an update for the fringe package. -- Jesse Keating Release Engineer: Fedora
Attachment:
pgpvAIeY8E4Jj.pgp
Description: PGP signature
-- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers
-- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
