> > > > > > How you can help. > > I've been wanting to help, but not sure of practices and procedures > used. > > Perhaps we could clarify a few things for me: > > > - Should the filed bug have a CC to the list? I guess you mentioned > this above. I think it's probibly a good idea so folks can see the > progress of fixes. While I'm personally not a fan of this, if people want it, we should probably do it. > > - Is there any key for the format of the audit cvs files?=20 Not really, look at what's there to get an idea of how it goes. > > - Is there any acl on the audit files? Who is allowed to update those? Here is the current list: avail | mjc,bressers,jorton,notting,sopwith,katzj,holtmann | fedora-security avail | lkundrak | fedora-security avail | jkeating,ausil,tibbs,kaboom,scop,questor | fedora-security If you're willing to help, access can be granted. > > > Any help will be appreciated and accepted. Once the FC7 file exists, > > we will need to go through the CVE ids and identify which flaws need > > to be addressed. Some of the ids will be low hanging fruit that will > > only take a few minutes to verify. Other will take a long time and > > it's possible you will have to go through source. > > I'm not sure how to section off this file, anyone with any ideas? > > Well, if it will be listed in cvs, can't we just have folks go and > update as they process? Ideally, yes. I however don't want people to duplicate work. I suspect the easiest way is going to be for someone to just mark a block of ids as what they're working on. Something like **** bressers **** CVE blah blah blah ... ===> Lots of CVE ids here CVE blah blah blah **** bressers **** Check in some bits to make it known you're on it, then start wading through the manure. Thanks. -- JB -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list