[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security fixes in Extras



Am Freitag, den 13.01.2006, 16:23 -0500 schrieb seth vidal: 
> On Fri, 2006-01-13 at 15:20 -0600, Josh Boyer wrote:
> > > On Fri, 2006-01-13 at 15:15 -0600, Josh Boyer wrote:
> > >>
> > >> Now the real question is, should there be some sort of defined policy
> > >> for security fixes?
> > > I'd be game with making a extras-security alert address that had the
> > > package signers and some other security folks on it so we could expedite
> > > things if need be.
> > >
> > > but a private list, for obvious reasons.

I'm not 100% sure if it needs to be private. I don't like "security by
obscurity". But of course it needs to be private *if* we're discussing
things under embargoed there.

> > I'll second this.  Seems like a good idea to me.
> > Should we talk about embargos though?
> why don't we just ask thorsten to add this to the agenda.

Done. Created a page in the wiki at
http://www.fedoraproject.org/wiki/Extras/Schedule/SecurityPolicy

Could those interested in the topic summarize this thread there? And
create a action list about the details that need to be discussed? After
that we should probably discuss those on fedora-extras list.
-- 
Thorsten Leemhuis <fedora leemhuis info>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]