On Fri, 5 Dec 2008 17:42:16 +0000 (UTC) cry_regarder@xxxxxxxxx (Cry) wrote: > Cry <cry_regarder <at> yahoo.com> writes: > > > > > gallery2 has two new versions and outstanding security bugs. I > > have tried several times to email the maintainer John Berninger > > with no replies to a few different addresses. Is this software > > dead in fedora? > > Just for form's sake in case it is necessary and can't be > accelerated, The non-responsive maintainer process was initiated at > > https://bugzilla.redhat.com/show_bug.cgi?id=474870 Sounds good. > Since fedora security loaded several of these bugs and they have CVE > numbers assigned, why didn't they followup when the maintainer didn't > respond? Will the slow fix time for these bugs reflect negatively on > fedora's stats? Because the fedora security folks are focused on notifying maintainers and helping them fix things, and making sure security updates are correct. There isn't any policy in place to have them make the changes, although if we can get enough people interested in helping that would be a good thing to try and do. kevin
Attachment:
signature.asc
Description: PGP signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
