Re: critpath approval process seems rather broken

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 10 Apr 2011 15:41:25 +0900
TASAKA Mamoru <mtasaka@xxxxxxxxxxxxxxxxx> wrote:

> Tomasz Torcz wrote, at 04/09/2011 07:57 PM +9:00:
> > On Sat, Apr 09, 2011 at 05:32:04AM +0200, Kevin Kofler wrote:
> >> Will Woods wrote:
> >>> In fact, there's plenty of approvers available, but you're not
> >>> engaging with them. They might not know how to test libtiff, or
> >>> what needs testing, so other stuff gets tested first.
> >>
> >> The fact is, this is a SECURITY UPDATE and as such it should go
> >> out even without testing. It's not acceptable to sit on security
> >> updates for weeks.
> >
> >    No, security updates are not _that_ special.  For example,
> > there's an avahi update in pipeline.  It has broken dependencies.
> > Pushing this would broke some systems. I'm talking about:
> > https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
> >
> 
> So as a result we are just leaving this security issue unresolved
> more than one month? Okay, it is all very well that we try to explain
> why the new updates request is not yet pushed, however then people
> would ask, "so why can't Fedora try to fix such issue like broken
> dependency ASAP? Short of man power? Is Fedora just making light
> of security issues?"
> 
> Who is responsible for this issue?

I would say (in order): 

- The person who submitted the update. 

- Any co-maintainers the package has that could fix it and push a new
  update. 

- Any provenpackagers who are interested in the package and can go fix
  it and push a fixed update. 

- FESCo or rel-eng if no one else steps up and someone notifies those
  bodies of the problem, so someone there can fix it. 

kevin

Attachment: signature.asc
Description: PGP signature

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux