1 |
El sáb, 18-01-2014 a las 17:02 +0100, Alex Legler escribió: |
2 |
> On 18.01.2014 16:34, Pacho Ramos wrote: |
3 |
> > Was looking to existing gedit bug reports and I found: |
4 |
> > https://bugs.gentoo.org/show_bug.cgi?id=257004 |
5 |
> > |
6 |
> > That is only one more example of a really old bug report still opened |
7 |
> > and waiting for a GLSA. Was wondering what really causes this long |
8 |
> > delays, can't GLSA be done automatically? |
9 |
> |
10 |
> Nope. But we do make constant refinements to speed up the process. |
11 |
> |
12 |
> > Would a GLSA even have any |
13 |
> > sense for cases like this (after 5 years) |
14 |
> > |
15 |
> |
16 |
> Yope. (I've answered this questions a trillion times by now, so care to |
17 |
> use $searchengine?) |
18 |
> |
19 |
> > Thanks for your help |
20 |
> > |
21 |
> > |
22 |
> |
23 |
> Not sure what you wanted to achieve by sending this email. Posting |
24 |
> $old_bug assigned to a specific team to -dev to point fingers at them is |
25 |
> just lame, as I'm pretty sure there's bug skeletons in every team's closet. |
26 |
> |
27 |
> Appreciatively of your appreciation of our efforts, |
28 |
> Alex |
29 |
> |
30 |
|
31 |
What I want to achieve is to try to get this problem solved, I don't |
32 |
think has any sense to have pending GLSA bugs waiting for ages (yes, |
33 |
ages), I see this for really a lot of packages, the pointed one was only |
34 |
one example, but there are many more (like glib, dotnet stuff...) |
35 |
|
36 |
Regarding sending this to the whole list (well, I don't understand why |
37 |
people in security team want to not get gentoo-dev ML involved), I |
38 |
simply did that as I though maybe some help/suggestions could be needed |
39 |
taking care clearly the security team is not able to fix this situation |
40 |
for really a long time and, hopefully, some other people could help with |
41 |
their effort and ideas to fix this long standing issue. |
42 |
|
43 |
The issue is still present even if we don't talk about it and keep |
44 |
simply ignoring all bug reports assigned to security and accumulating |
45 |
for years. The idea is to try to solve the situation, not to point to |
46 |
you, I didn't pointed to you, you will know why do you feel offended |
47 |
about this. |