On Wed, Jan 29, 2020 at 10:26:56PM +0100, Miro Hrončok wrote: > Here is an initial (albeit randomly generated) proposal of X and Y: > > severity CRITICAL/HIGH MEDIUM LOW > X 2 4 6 > Y 2 4 6 In RHEL, low impact security bugs wouldn't normally be fixed until the next minor release, which would be 6-12 months after the issue is reported. I don't think it's valuable to badger packagers about bugs that have "minimal consequences" to use the terminology from https://access.redhat.com/security/updates/classification Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
