1 |
On 07/17/2010 05:51 PM, Christian Faulhammer wrote: |
2 |
> Hi, |
3 |
> |
4 |
> Thilo Bangert <bangert@g.o>: |
5 |
>>> please avoid having stabilisation requests |
6 |
>>> like http://bugs.gentoo.org/show_bug.cgi?id=327877, blocking a |
7 |
>>> security bug. That way, architecture teams may not see the severity |
8 |
>>> directly and it slips, leaving users with vulnerable versions longer |
9 |
>>> than needed. Thank you. |
10 |
>> |
11 |
>> perhaps it's a good idea to tell people what you expect of them |
12 |
>> instead. i presume just removing the blocker will not satisfy you. |
13 |
> |
14 |
> Do stabilisations on the security bug so arch team members can skim |
15 |
> through their stabilisation list by just looking for security@g.o to |
16 |
> find the vulnerable packages. |
17 |
> |
18 |
> V-Li |
19 |
> |
20 |
|
21 |
If you want things to happen this way then it should be at least |
22 |
documented in the devmanual. |
23 |
|
24 |
Regards, |
25 |
Petter |