Archives
Archives
| From: | "Paweł Hajdan | ||
|---|---|---|---|
| To: | gentoo-project@l.g.o | ||
| Cc: | security@g.o | ||
| Subject: | Re: [gentoo-project] RFC: Making GLSAs useful for security | ||
| Date: | Thu, 15 Dec 2016 19:05:39 | ||
| Message-Id: | 3c79c805-dab5-92d6-7432-b59e79841b3e@gentoo.org | ||
| In Reply to: | [gentoo-project] RFC: Making GLSAs useful for security by Mart Raudsepp |
||
| 1 | On 13/12/2016 21:36, Mart Raudsepp wrote: |
| 2 | > Solution proposal: |
| 3 | > |
| 4 | > Push out a GLSA as soon as the relevant fix is available in the tree in |
| 5 | > any form (usually when the security bug moves from [ebuild] to [stable] |
| 6 | > state), so the fixed_in (unaffected) atoms have become known. |
| 7 | |
| 8 | Sounds good. |
| 9 | |
| 10 | Given the GLSA process itself introduces delays, and it seems to start |
| 11 | only after [stable], sending it earlier and in a simpler way is a nice |
| 12 | simplification of the process. |
| 13 | |
| 14 | Paweł |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |
| Subject | Author |
|---|---|
| Re: [gentoo-project] RFC: Making GLSAs useful for security | Yury German <blueknight@g.o> |