On Thu, Nov 09, 2006 at 11:10:51AM -0500, Jesse Keating wrote: > On Thursday 09 November 2006 10:58, Ralf Corsepius wrote: > > The only thing that counts to end-users is receiving fixes in timely > > manners - not users being actively notified about a maintainer claiming > > to have addressed a particular CVE. > > There are many users of Fedora in general that wish to only take in security > fixes and not 'random update maintainer thought was cool'. Maybe the best would be to have the infrastructure that allows interested users to do the notification themselves easily without disturbing those who don't care. * if they are maintainers there could be tools such that it is easy to send out an advisory avec a rebuild * for other people there could be a way to watch out the changes in fedora extras packages (%changelogs) and an easy way to issue an advisory based on that. And of course all that should be documented in the wiki. Nothing should be mandatory for the package maintainers, in my opinion. -- -- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
