On Thu, 2006-06-29 at 17:15 -0400, Josh Bressers wrote:
I finally checked in an extras errata generation system. It's rather
trivial. I've been sitting on this for a few weeks and just haven't had
time to clean it up enough to commit it.
And now we've sat on it a bit more, no announcements sent :(. Let's try
The readme file has some details on how things work. In a nutshell
just have to run the errata-gen command, which places an advisory into the
errata directory for you. Then just edit away.
Okay, tested by creating FEDORA-EXTRAS-2006-003 for CVE-2006-3668, it
Now we have to think about how editing should be handled. I'm
least one other team member should approve an errata before it gets mailed.
Works for me. As a general rule, who mails it? The package maintainer?
The 1st or 2nd security team member handling the issue?
It might not be a bad idea to add a "CVE ID(s):" placeholder somewhere
in the template so that info is more likely to be included in the