Hi Till! On Fri, 05 Sep 2008 22:55:26 +0200 Till Maas <opensource@xxxxxxxxx> wrote: > On Fri September 5 2008, Till Maas wrote: > > > pam_mount just released an update that fixes a security > > vulnerability: > > https://sourceforge.net/project/shownotes.php?release_id=624240 > > Will someone create the needed tracking bugs[1] for this and maybe > request / assign a CVE number? I have created 'Security Response' bug for the issue, that can be used to record further details about the flaw, as well as CVE id once it's assigned. I do not see any point in creating tracking bugs once updates are already submitted in Bodhi. That tracking bugs process was developed to be similar to process used internally by Red Hat for Red Hat Enterprise Linux, and it is not applied to Fedora when it makes little sense. In Fedora, you do not need per-version approved tracking bug to do the update, and tracking bugs are sometimes viewed as too much extraneous overhead for those not used to them (which is more than understandable). I also did some minor changes to your update requests. One thing that remains quite unclear with them is why libHX update is included in the same update request. Thank you! -- Tomas Hoger / Red Hat Security Response Team -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
