I read the policy [0] as "major (bug | security) fixes", and the CVE
is only rated as moderate [1]. Should the policy be read as "(major
bug | any security) fixes"? I am not opposed to building the update
on F31 as well.
[0] https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#all-other-updates
[1] https://access.redhat.com/security/cve/CVE-2020-13962
I'm not worried about getting that nit-pickey... If it addresses a CVE that's good enough for me.
It looks like mumble was rebuilt for a new protobuf, can you update (rebase) your pull request so it's mergeable?
If you can do that fairly soon I'll try to make some time to merge it and perform the builds and push new updates.
Thanks,
Richard