>>>>> "BO" == Bryan O'Sullivan <bos@xxxxxxxxxxxxxx> writes: BO> If a package maintainer doesn't turn a security fix around BO> quickly, is it reasonable (albeit a bit less than totally polite) BO> to step in and do the update oneself, assuming the ACLs permit it? Well, we're all supposed to be helping each other here. Make sure things get in bugzilla and are marked as security so the security team sees it, and if you have a patch and you have access they I can't see why you wouldn't at least commit it and do a scratch build. And after testing, if there's no response from the maintainer and the issue is actually being exploited then I don't see why you wouldn't push or ask the security team to push. - J< -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
