-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/30/2010 03:29 PM, Tom Lane wrote: > Will Woods <wwoods@xxxxxxxxxx> writes: >> On Wed, 2010-06-30 at 15:04 -0400, Tom Lane wrote: >>> Yes I can. I have two critpath packages that are in testing with >>> security bugs, both pretty small and easy to test, and both still have >>> karma zero. That seems to me to be adequate proof that there's not the >>> manpower out there to do this. > >> Have you actually asked anyone to test it? Or even considered >> *mentioning the names of the packages* so maybe someone here could help? > > I mentioned libtiff in my first comment in this thread. The other one > is libpng. But in any case, are maintainers supposed to have to scare > up testers on their own? Especially for packages that are supposed to > be so central as to be critpath? If there aren't testers coming out of > the woodwork, this scheme is doomed to failure. > > regards, tom lane A suggestion: when critical path updates hit updates-testing, a notification should go to both devel@xxxxxxxxxxxxxxxxxxxxxxx and qa@xxxxxxxxxxxxxxxxxxxxxxx to encourage testing. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkwrnOcACgkQeiVVYja6o6N2/ACgsLvwWnvsy4kYnCytqrJ7C74g mIsAn1Ki153jDL5UmY+adobGRxr+zdMu =0KQL -----END PGP SIGNATURE----- -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
