Hi, I've recently had release updates to two packages with CVE issues in then. A few weeks ago, pidgin-otr needed a lot of me prodding people to try it and give karma to get the security update out. Right now, my socat CVE security releases sits in all four branches with no karma after four days. Is there something we can do to make these security updates move faster? Perhaps a new mailinglist that just announces the security releases, to remind people to test them and give karma. Perhaps a gui app for people running post latest full release fedora installs that checks if some software you are using is in need of karma? Perhaps push security releases within 3 days if no -1 karma has been received? Push updates to stable when a certain download/install ratio has been seen with no -1 karma? Any other thoughts? Paul -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
