Dne 08. 09. 22 v 19:32 Maxwell G via devel napsal(a):
On Thursday, September 8, 2022 Neal Gompa wrote:Fedora maintainers are CC'd often on the parent bug to bypass the private bug status while a bug is "under development". This has happened a few times for me as a maintainer of crypto-adjacent packages.That's a good point. I guess they could fix that by copying the description into the Fedora bug like Kevin said and/or making those "under development" security bugs private to all Fedora contributors instead of CCing specific people.
However, I think that the idea is that whatever should be said about the CVE should be said in the main tracer. The fedora tracker should be used just to not forget to fix this in Fedora.
Nevertheless, this might soon become non issue given: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/U7TZRWXVUGBCHS6EBJIBSFAVPFUHHV7J/ Vít
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
