On Thursday, April 02, 2015 01:05:32 PM Eric Christensen wrote:
Right now there is one critical CVE and 46 important CVEs open
against
either a package in Fedora or EPEL. These are CVEs that should have been
addressed long ago and I'm, quite frankly, tired of looking at them.
Just looked at the numbers after the weekend hoping I'd see some movement.
Here's what I found:
Of the 38 important CVEs opened in 2014 or prior that I identified last
Thursday as still being open one was closed, five are On_QA, and the rest don't
really look like they've been touched in a while, with a few exceptions.
All the cases are "owned" but it looks like most haven't been followed up on
in a while. If you want to participate in this "contest" but don't see a
way
in here's what I suggest: if a case hasn't been followed up on in the past
month TAKE IT! This includes the ones I touched today but don't "own".
Let's
crush these bugs and make Fedora better!
-- Eric
--------------------------------------------------
Eric "Sparks" Christensen
Red Hat, Inc - Product Security
sparks(a)redhat.com - sparks(a)fedoraproject.org
097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
--------------------------------------------------