On Fri, 2014-08-01 at 12:31 -0400, David Cafaro wrote:
The only problem I see with this is that what happens if for some
reason
the fst_owner drops out and is no longer maintaining the ticket?
Oh, and Hi all, just volunteered up yesterday. Will take some time this
weekend to catchup on everything and get into the work flow. I
currently work as a systems engineer at a firm specializing in computer
and network security solutions. Looking forward to helping out.
Cheers,
David
On 08/01/2014 12:27 PM, Jason Taylor wrote:
> On Fri, 2014-08-01 at 12:21 -0400, Eric H. Christensen wrote:
>> I've already started seeing some successes in closing some security
>> bugs. I'd like to try to prioritize our efforts a bit. On the
>> Security Team wiki page I provided links to security bugs based on
>> their urgency (Critical -> Important -> Moderate -> Low). We should
>> also prioritize our efforts within those categories as oldest to
>> newest. I'm hoping that the older vulnerabilities have already been
>> closed and the tickets just left open. If not we should definitely get
>> them fixed.
>>
>> By the way, the links on the wiki look at all vulnerabilities in Fedora
>> and EPEL (bugs tagged with Keywords: SecurityTracking). I think I'll
>> modify the query to not show bugs that already have an fst_owner so
>> people only see what's not taken. Thoughts?
> +1 for showing bugs with no fst_owner.
>
>> -- Eric
>>
>> -------------------------------------------------- Eric "Sparks"
>> Christensen Fedora Project
>>
>> sparks(a)fedoraproject.org - sparks(a)redhat.com 097C 82C3 52DF C64A 50C2
>> E3A3 8076 ABDE 024B B3D1
>> --------------------------------------------------
>> _______________________________________________ security-team mailing
>> list security-team(a)lists.fedoraproject.org
>>
https://lists.fedoraproject.org/mailman/listinfo/security-team
>
> JT
> _______________________________________________
> security-team mailing list
> security-team(a)lists.fedoraproject.org
>
https://lists.fedoraproject.org/mailman/listinfo/security-team
_______________________________________________
security-team mailing list
security-team(a)lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/security-team
I was thinking of the wiki query links as "quick looks" for those
checking to see how many tickets are not taken by a security team member
or a security team member looking for tickets to take. If the intent of
the links is something else then clearly I am off the mark lol.
The question of fst_owner assigned but orphaned is a good one. Being
very new to this I don't know if we have a process in place yet for
querying "stale" tickets that have a fst_owner but haven't been updated
in x day or such.
JT