Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=470696 --- Comment #38 from Hongli Lai <honglilai@xxxxxxxxx> 2009-06-07 16:57:35 EDT --- Toshio, I totally understand your points. We are well aware of all of those disadvantages of bundling/forking that you mentioned, but given our circumstances we decided that bundling/forking Boost is the best solution, despite all the aforementioned disadvantages. We made this decision a year ago, and to date we still think that it's the right decision. Regarding responsibility: what I meant is that we take security very seriously, and that we will do our best to address any security problems, including those in Boost, as opposed to neglecting Boost security issues and happily keeping on vendoring the old, insecure version. We treat any problems in Boost as if they are problems in our own code. Is this explanation sufficient for you? If not, what are your concerns? -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review