| 1 |
El sáb, 18-01-2014 a las 17:02 +0100, Alex Legler escribió: |
| 2 |
> On 18.01.2014 16:34, Pacho Ramos wrote: |
| 3 |
> > Was looking to existing gedit bug reports and I found: |
| 4 |
> > https://bugs.gentoo.org/show_bug.cgi?id=257004 |
| 5 |
> > |
| 6 |
> > That is only one more example of a really old bug report still opened |
| 7 |
> > and waiting for a GLSA. Was wondering what really causes this long |
| 8 |
> > delays, can't GLSA be done automatically? |
| 9 |
> |
| 10 |
> Nope. But we do make constant refinements to speed up the process. |
| 11 |
> |
| 12 |
> > Would a GLSA even have any |
| 13 |
> > sense for cases like this (after 5 years) |
| 14 |
> > |
| 15 |
> |
| 16 |
> Yope. (I've answered this questions a trillion times by now, so care to |
| 17 |
> use $searchengine?) |
| 18 |
> |
| 19 |
> > Thanks for your help |
| 20 |
> > |
| 21 |
> > |
| 22 |
> |
| 23 |
> Not sure what you wanted to achieve by sending this email. Posting |
| 24 |
> $old_bug assigned to a specific team to -dev to point fingers at them is |
| 25 |
> just lame, as I'm pretty sure there's bug skeletons in every team's closet. |
| 26 |
> |
| 27 |
> Appreciatively of your appreciation of our efforts, |
| 28 |
> Alex |
| 29 |
> |
| 30 |
|
| 31 |
What I want to achieve is to try to get this problem solved, I don't |
| 32 |
think has any sense to have pending GLSA bugs waiting for ages (yes, |
| 33 |
ages), I see this for really a lot of packages, the pointed one was only |
| 34 |
one example, but there are many more (like glib, dotnet stuff...) |
| 35 |
|
| 36 |
Regarding sending this to the whole list (well, I don't understand why |
| 37 |
people in security team want to not get gentoo-dev ML involved), I |
| 38 |
simply did that as I though maybe some help/suggestions could be needed |
| 39 |
taking care clearly the security team is not able to fix this situation |
| 40 |
for really a long time and, hopefully, some other people could help with |
| 41 |
their effort and ideas to fix this long standing issue. |
| 42 |
|
| 43 |
The issue is still present even if we don't talk about it and keep |
| 44 |
simply ignoring all bug reports assigned to security and accumulating |
| 45 |
for years. The idea is to try to solve the situation, not to point to |
| 46 |
you, I didn't pointed to you, you will know why do you feel offended |
| 47 |
about this. |
Archives