The new Update Acceptance Criteria are broken
Toshio Kuratomi
a.badger at gmail.com
Wed Nov 24 11:13:59 UTC 2010
On Tue, Nov 23, 2010 at 05:51:06AM +0100, Miloslav Trmač wrote:
> Mike Fedyk píše v Po 22. 11. 2010 v 18:03 -0800:
> > Also security updates should not have any other changes mixed in.
> In the early days of Fedora, it was explicitly decided that (contra
> Debian) maintainers are not required to backport patches and that
> rebases (fixing a bug by updating to a new upstream release) are the
> most expected kind of update.
>
> It seems the consensus on this decision is not as strong as it used to
> be, nevertheless - with the number of package maintainers that admit
> they can't fix bugs in their packages on their own, is overturning this
> policy even possible?
> Mirek
Thanks, Mirek, for pointing out the first issue with this idea. The second
issue is that Fedora doesn't have a security team which fixes security
issues. We have package maintainers and the people they can/will ping to
come up with solutions for security issues. The security team was just
there for keeping track of when security issues are reported in other venues
and seeing that we addressed them in Fedora (I'm not sure how active it
still is either.)
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20101124/41b35ca0/attachment.bin
More information about the devel
mailing list