On Thu, 2006-11-09 at 18:52 +0100, Patrice Dumas wrote: > On Thu, Nov 09, 2006 at 11:10:51AM -0500, Jesse Keating wrote: > > On Thursday 09 November 2006 10:58, Ralf Corsepius wrote: > > > The only thing that counts to end-users is receiving fixes in timely > > > manners - not users being actively notified about a maintainer claiming > > > to have addressed a particular CVE. > > > > There are many users of Fedora in general that wish to only take in security > > fixes and not 'random update maintainer thought was cool'. > > Maybe the best would be to have the infrastructure that allows interested > users to do the notification themselves easily without disturbing those who > don't care. c.f. my previous posting. We are discussion a non-argument here. If you want a "security only" update medium, this should be integrated into yum. The fundamental question would be how that would be useful and how to separate "security updates" from "ordinary updates". Also consider that many FE maintainers don't really care about security, many "simply package". Also consider that many of the packages in Fedora qualify as "exotic niche packages" which don't have a real "security monitoring" record. Ralf -- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
