On Sun, 16 Jun 2013 10:33:23 -0600 Kevin Fenzi wrote: > On Sun, 16 Jun 2013 08:31:19 -0600 > Jake Edge <jake@xxxxxxx> wrote: > > > > > We processed a huge number of KDE security announcements for F18 > > last week: https://lwn.net/Articles/553900/ ... but the comments on > > that article indicate that almost all of them are not actually > > security fixes and are, instead, some kind of koji overreach? > > seemingly the same pile of fixes showed up for F17 yesterday ... is > > it just kdeplasma-addons that needs to be highlighted (perhaps with > > a mention that koji cascaded the bug into a bunch of unaffected > > packages?) ... or is there more? or are they truly all affected? > > This is due to this being 1 single update with all the kde packages. > > See: > > https://admin.fedoraproject.org/updates/FEDORA-2013-10182/ > > So, all those packages are all "FEDORA-2013-10182" > > and since you can only mark the single update security or not, the > entire thing (and all packages) are marked security. What I don't quite follow is whether all of those packages are in fact updated for security reasons or whether this is just an artifact of bodhi (or koji or something) ... I am sensing the latter ... does 'kdepimlibs' or 'kdeedu' (to pick two at random) need to be updated for *security* reasons? or just because it got tagged with one (?) package that was updated to the same upstream revision (kdeplasma-addons ... others?) > I don't know if this will be handled any better in bodhi 2.0, but we > could surely look and try and handle things better. What would you > like to see for an update like this? Different names for each > package? Or some what to tag only those package(s) that are security > updates? Well, I would think Fedora users would only want things that are actually security updates to marked as such ... or are all these packages dependent on the Plasma add-ons somehow? That's what's confusing here imo ... jake -- Jake Edge - LWN - jake@xxxxxxx - http://lwn.net -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
