On Thu, Apr 10, 2014 at 03:12:41PM +0100, Tristan Santore wrote: > > Maybe the system could come with a reminder to keep info current in some > > way? > I think the most important thing is to keep not only the maintainers > informed, but also our general users. Including giving them. mitigation > advice and explaining exactly what the problem is or was. Yes, this would be the role of the communications team outlined in the proposal. When it is crunch time, it is *incredibly* important to have people other than the active responders doing this, because a) it frees them up to concentrate on getting fixes out and b) they're probably frazzled enough to make it hard to communicate clearly. > I must also say, the response time was quite good too, looking at > package build times, compared to the time when I was informed of the > issue. The only problem were the mirrors not syncing up fast enough, > which makes me wonder if we should dump security fixes into a > sub-directory in updates, which mirrors could sync up faster. Yes. <https://fedorahosted.org/rel-eng/ticket/5886> Help wanted. :) -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
