The Debian/Ubuntu SSL bug
Jesse Keating
jkeating at redhat.com
Tue May 13 21:12:56 UTC 2008
On Tue, 2008-05-13 at 16:44 -0400, Dave Jones wrote:
>
> In some cases 'never' will be a valid answer for 'when upstream?'.
> Features that got vetoed (hi execshield!), or just distro-centric
> changes that upstream doesn't care about.
>
> For anything else, I think patches that survive >1 release should
> probably be eyed with suspicion. We're supposed to be "close to upstream"
> after all, and if patches are lasting longer than that without good reason,
> questions should probably be asked.
This sounds like something we could work into the requirements list for
SCM 2.0, something that will allow us to easily identify and audit the
patch sets going into our packages, as well as integrate a signed-off-by
or some such.
--
Jesse Keating
Fedora -- Freedom² is a feature!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-advisory-board/attachments/20080513/b78b6cf3/attachment.sig>
More information about the fedora-advisory-board
mailing list