huzaifas reported a new issue against the project: `releng` that you are following:
We need to implement the new Fedora Security policy as per:
"If a CRITICAL or IMPORTANT security issue is currently open against a package, or a
security issue of lower severity has been open for at least 6 months, four weeks before
the branch point a procedure similar to long-standing FTBFS will be triggered immediately,
with 8 weeks of weekly notifications to maintainers and subsequent orphaning and then
subsequent removal from distribution. This applies to all packages, not just leaf."
So before 4 weeks before the branch point, we need to ensure that:
1. Packages which have any pending critical or important security flaws open ie:
are marked for FTBS and not built.
2. Packages which have any <important flaws open for atleast 6 months or more ie:
are marked for FTBS and not build.
* When do you need this? 2019-01-01 - Much before the last branch point.
* If we cannot complete your request, what is the impact?
Fedora 30 will ship lot of insecure packages. Major issue for the release.
To reply, visit the link below or just reply to this email