| 1 |
On 07/17/2010 05:51 PM, Christian Faulhammer wrote: |
| 2 |
> Hi, |
| 3 |
> |
| 4 |
> Thilo Bangert <bangert@g.o>: |
| 5 |
>>> please avoid having stabilisation requests |
| 6 |
>>> like http://bugs.gentoo.org/show_bug.cgi?id=327877, blocking a |
| 7 |
>>> security bug. That way, architecture teams may not see the severity |
| 8 |
>>> directly and it slips, leaving users with vulnerable versions longer |
| 9 |
>>> than needed. Thank you. |
| 10 |
>> |
| 11 |
>> perhaps it's a good idea to tell people what you expect of them |
| 12 |
>> instead. i presume just removing the blocker will not satisfy you. |
| 13 |
> |
| 14 |
> Do stabilisations on the security bug so arch team members can skim |
| 15 |
> through their stabilisation list by just looking for security@g.o to |
| 16 |
> find the vulnerable packages. |
| 17 |
> |
| 18 |
> V-Li |
| 19 |
> |
| 20 |
|
| 21 |
If you want things to happen this way then it should be at least |
| 22 |
documented in the devmanual. |
| 23 |
|
| 24 |
Regards, |
| 25 |
Petter |
Archives