Tomasz Torcz wrote, at 04/09/2011 07:57 PM +9:00: > On Sat, Apr 09, 2011 at 05:32:04AM +0200, Kevin Kofler wrote: >> Will Woods wrote: >>> In fact, there's plenty of approvers available, but you're not engaging >>> with them. They might not know how to test libtiff, or what needs >>> testing, so other stuff gets tested first. >> >> The fact is, this is a SECURITY UPDATE and as such it should go out even >> without testing. It's not acceptable to sit on security updates for weeks. > > No, security updates are not _that_ special. For example, there's > an avahi update in pipeline. It has broken dependencies. Pushing this > would broke some systems. I'm talking about: > https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14 > So as a result we are just leaving this security issue unresolved more than one month? Okay, it is all very well that we try to explain why the new updates request is not yet pushed, however then people would ask, "so why can't Fedora try to fix such issue like broken dependency ASAP? Short of man power? Is Fedora just making light of security issues?" Who is responsible for this issue? Regards, Mamoru -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
