critpath approval process seems rather broken
Tom Lane
tgl at redhat.com
Sat Apr 9 00:27:09 UTC 2011
For the past several days I've been getting daily nagmails about the
fact that libtiff hasn't been pushed into f13 (example attached).
Because it's a critpath package, I as the lowly maintainer do not have
privileges to push it stable, not even after two weeks. Those who do
have privileges to approve this sort of thing evidently are paying no
attention to f13 packages, not even security bugs on critpath packages.
I will refrain from ranting, and just point out that something is
pretty darn broken about this process. Why are the nagmails going
to someone with no power to fix the problem? Shouldn't somebody
with approval power be paying more than zero attention to older
branches?
regards, tom lane
------- Forwarded Message
Date: Sat, 09 Apr 2011 00:00:43 +0000
From: updates at fedoraproject.org
To: tgl at redhat.com
Subject: [Fedora Update] [CRITPATH] [old_testing_critpath] libtiff-3.9.4-4.fc13
The critical path update for libtiff-3.9.4-4.fc13 has been in 'testing' status for over
2 weeks, and has yet to be approved.
================================================================================
libtiff-3.9.4-4.fc13
================================================================================
Update ID: FEDORA-2011-3827
Release: Fedora 13
Status: testing
Type: security
Karma: 0
Bugs: 684939 - CVE-2011-1167 libtiff: heap-based buffer overflow in
: thunder decoder (ZDI-11-107)
: 684007 - libtiff fails to decode some G4 images
: correctly
: 678635 - CVE-2011-0192 libtiff: buffer overflow in
: Fax4Decode
Notes: Fix incorrect fix for CVE-2011-0192 Add fix for CVE-2011-1167
: Fix buffer overrun in fax decoding (CVE-2011-0192) as
: well as a non-security-critical crash in gif2tiff.
Submitter: tgl
Submitted: 2011-03-21 20:38:28
Comments: bodhi - 2011-03-21 20:38:42 (karma 0)
This update has been submitted for testing by tgl.
bodhi - 2011-03-22 18:53:10 (karma 0)
This update has been pushed to testing
https://admin.fedoraproject.org/updates/libtiff-3.9.4-4.fc13
------- End of Forwarded Message
More information about the devel
mailing list