[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Approvals for Security updates



Hi Kevin,

On Fri, 2007-09-07 at 03:19 +0000, Kevin Kofler wrote:
> Lubomir Kundrak <lkundrak <at> redhat.com> writes:
> > A week ago, there remained no time to discuss this on FESCo meeting, so
> > I was advised to post it here for comments: [1]
> > 
> > [1] http://fedoraproject.org/wiki/LubomirKundrak/SecurityUpdateProcessDraft
> 
> IMHO, you have to be careful that the approval process doesn't introduce excess 
> delays because otherwise you'd encourage even more security updates not to be 
> marked as such (and if you implement the automarking when a security bug is 
> referenced, also missing Bugzilla references to avoid the security marking), 
> which would be counterproductive.

The members of Fedora Security Response team do receive mail
notifications about security updates. In vast majority cases we are able
to review the update within on (business) day. That is far less than
what it takes to do a QA or for the package to be in -testing
repository.

> 
>          Kevin Kofler
> 

Regards,
-- 
Lubomir Kundrak (Red Hat Security Response Team)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]