On Wed, Jun 30, 2010 at 8:29 PM, Tom Lane <tgl@xxxxxxxxxx> wrote: > Will Woods <wwoods@xxxxxxxxxx> writes: >> On Wed, 2010-06-30 at 15:04 -0400, Tom Lane wrote: >>> Yes I can. I have two critpath packages that are in testing with >>> security bugs, both pretty small and easy to test, and both still have >>> karma zero. That seems to me to be adequate proof that there's not the >>> manpower out there to do this. > >> Have you actually asked anyone to test it? Or even considered >> *mentioning the names of the packages* so maybe someone here could help? > > I mentioned libtiff in my first comment in this thread. The other one > is libpng. But in any case, are maintainers supposed to have to scare > up testers on their own? Especially for packages that are supposed to > be so central as to be critpath? If there aren't testers coming out of > the woodwork, this scheme is doomed to failure. I for one hope its effective. The recent issues with the evolution show that its needed! The fact is that people miss things or upstream will change things they should in a stable release that isn't expected. Life happens. Worse case if its not is a revert of the bodhi code that enabled it if it doesn't work. Peter -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
