On Thu, 2006-03-02 at 16:34 -0500, Josh Bressers wrote: > This also brings up the question of how do we want to (if at all) have > Legacy and Extras security teams work together. There probably won't be > much overlap, but often the analysis is the most important part of dealing > with security issues. > So I can see Legacy and Extras folks working together in terms of discussion and best practices, but I wanted to avoid Extras maintainers 'dumping' their packages on the Legacy project to maintain the security updates. Legacy exists because Red Hat doesn't want to pay their developers to continue maintaining security updates for outdated releases. This is very fair. Legacy is taking the place of those maintainers. Extras has no such problem in this aspect, an Extras maintainer should be in for a pinch, in for a mile. In fact, if anything I'd like to see some of the Extras maintainers putting in some work on testing/building/whatevering packages within the Legacy space. This will be much easier to do once Legacy switches over to an Extras like build system (soon) including a copy of the Fedora CVS contents. These things are indeed up for discussion. -- Jesse Keating Release Engineer: Fedora
Attachment:
signature.asc
Description: This is a digitally signed message part
