On Sun, 2007-06-03 at 14:55 -0500, Josh Boyer wrote: > On Sun, 2007-06-03 at 15:49 -0400, Luke Macken wrote: > > On Sun, Jun 03, 2007 at 02:32:29PM -0500, Josh Boyer wrote: > > > On Sun, 2007-06-03 at 15:31 -0400, Luke Macken wrote: > > > > On Sun, Jun 03, 2007 at 06:10:40AM -0400, Luke Macken wrote: > > > > > On Sat, Jun 02, 2007 at 05:06:25PM -0400, Tom Lane wrote: > > > > > > Luke Macken <lmacken@xxxxxxxxxx> writes: > > > > > > > Once we agree on a policy, I can implement it. I've heard some people > > > > > > > suggest letting updates sit in testing for 7 days, and if there are no > > > > > > > complaints, then they can be pushed to the stable repo. This sounds > > > > > > > fine to me, what does everyone else think? > > > > > > > > > > > > <cough>zero-day security patches</cough> > > > > > > > > > > Security updates go straight to Stable already. > > > > > > > > ... but will soon require an approval from a member of the security team > > > > before they hit any repo. Core security updates currently require > > > > approval from the Red Hat security response team. With F7, it will > > > > require approval from a member of the Fedora security response team. > > > > > > Erm... wait. Where (other than this email) was that discussed? > > > > It was discussed between some members of the Fedora Security > > Response Team, and was suggested by the Team Lead, Josh Bressers. > > > > This approval mechanism has yet to be implemented in bodhi, and I think > > should require an ACK from the board/FESCo before it does. > > Agreed. Thanks for the clarification Luke. > > Let's get this added to the FESCo schedule. Could Josh Bressers perhaps > attend when it gets discussed? Added to the schedule. /B -- Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> gpg --keyserver pgp.mit.edu --recv-keys 810CC15E BD5E 6F9E 8688 E668 8F5B CBDE 326A E936 810C C15E
Attachment:
signature.asc
Description: This is a digitally signed message part
-- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers
-- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
