huzaifas reported a new issue against the project: `releng` that you are following: `` We need to implement the new Fedora Security policy as per: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedorapro...
"If a CRITICAL or IMPORTANT security issue is currently open against a package, or a security issue of lower severity has been open for at least 6 months, four weeks before the branch point a procedure similar to long-standing FTBFS will be triggered immediately, with 8 weeks of weekly notifications to maintainers and subsequent orphaning and then subsequent removal from distribution. This applies to all packages, not just leaf."
So before 4 weeks before the branch point, we need to ensure that: 1. Packages which have any pending critical or important security flaws open ie:
https://bugzilla.redhat.com/buglist.cgi?bug_severity=urgent&bug_severity...
are marked for FTBS and not built.
2. Packages which have any <important flaws open for atleast 6 months or more ie:
https://bugzilla.redhat.com/buglist.cgi?bug_severity=urgent&bug_severity...
are marked for FTBS and not build.
* When do you need this? 2019-01-01 - Much before the last branch point.
* If we cannot complete your request, what is the impact? Fedora 30 will ship lot of insecure packages. Major issue for the release. ``
To reply, visit the link below or just reply to this email https://pagure.io/releng/issue/7793