[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: gallery2 outstanding security bugs -- Abondoned by Berninger?



On Fri, 5 Dec 2008 17:42:16 +0000 (UTC)
cry_regarder yahoo com (Cry) wrote:

> Cry <cry_regarder <at> yahoo.com> writes:
> 
> > 
> > gallery2 has two new versions and outstanding security bugs.  I
> > have tried several times to email the maintainer John Berninger
> > with no replies to a few different addresses.  Is this software
> > dead in fedora? 
> 
> Just for form's sake in case it is necessary and can't be
> accelerated, The non-responsive maintainer process was initiated at
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=474870

Sounds good.

> Since fedora security loaded several of these bugs and they have CVE
> numbers assigned, why didn't they followup when the maintainer didn't
> respond?  Will the slow fix time for these bugs reflect negatively on
> fedora's stats?

Because the fedora security folks are focused on notifying maintainers
and helping them fix things, and making sure security updates are
correct. There isn't any policy in place to have them make the changes,
although if we can get enough people interested in helping that would
be a good thing to try and do. 

kevin

Attachment: signature.asc
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]