On Mon Sep 12, 2022, Vít Ondruch wrote: > > Dne 09. 09. 22 v 17:09 Maxwell G via devel napsal(a): > > On Friday, September 9, 2022 Vít Ondruch wrote: > >> However, I think that the idea is that whatever should be said about the > >> CVE should be said in the main tracer. The fedora tracker should be used > >> just to not forget to fix this in Fedora. > > Why not both? We shouldn't have to reference two different bugs to figure out > > what's going on. > > > > > > First of all, what is the information you would like to put to either of > the trackers? Currently, the Fedora trackers contain > This is an automatically created tracking bug! It was created to ensure > that one or more security vulnerabilities are fixed in affected versions > of fedora-all. > > For comments that are specific to the vulnerability please use bugs filed > against the "Security Response" product referenced in the "Blocks" field. > > For more information see: > http://fedoraproject.org/wiki/Security/TrackingBugs > > When submitting as an update, use the fedpkg template provided in the next > comment(s). This will include the bug IDs of this tracking bug as well as > the relevant top-level CVE bugs. > > Please also mention the CVE IDs being fixed in the RPM changelog and the > fedpkg commit message. > > NOTE: this issue affects multiple supported versions of Fedora. While only > one tracking bug has been filed, please correct all affected versions at > the same time. If you need to fix the versions independent of each other, > you may clone this bug as appropriate. while the main bug has the actual description. I'm saying that the description should be copied to the Fedora tracker. -- Maxwell G (@gotmax23) Pronouns: He/Him/His
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
