On Tue, Nov 23, 2010 at 05:51:06AM +0100, Miloslav TrmaÄ wrote: > Mike Fedyk pÃÅe v Po 22. 11. 2010 v 18:03 -0800: > > Also security updates should not have any other changes mixed in. > In the early days of Fedora, it was explicitly decided that (contra > Debian) maintainers are not required to backport patches and that > rebases (fixing a bug by updating to a new upstream release) are the > most expected kind of update. > > It seems the consensus on this decision is not as strong as it used to > be, nevertheless - with the number of package maintainers that admit > they can't fix bugs in their packages on their own, is overturning this > policy even possible? > Mirek Thanks, Mirek, for pointing out the first issue with this idea. The second issue is that Fedora doesn't have a security team which fixes security issues. We have package maintainers and the people they can/will ping to come up with solutions for security issues. The security team was just there for keeping track of when security issues are reported in other venues and seeing that we addressed them in Fedora (I'm not sure how active it still is either.) -Toshio
Attachment:
pgpVhxkQcy1OP.pgp
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel