James Antill wrote: > This isn't a hard problem, 3.0 should then be marked as a security > update. But the case we're discussing is that 3.0 was pushed long before it was known that it happens to fix a security vulnerability. We're not going to arbitrarily push another update and call it "security" when it doesn't fix any security issue that's not already fixed. This is just another failure point of yum-security. Kevin Kofler -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel