How can we make security updates faster?
awilliam at redhat.com
Tue May 29 05:21:26 UTC 2012
On Mon, 2012-05-28 at 23:49 +0200, Michael Scherer wrote:
> Le lundi 28 mai 2012 à 12:57 -0400, Paul Wouters a écrit :
> > Hi,
> > I've recently had release updates to two packages with CVE issues in
> > then. A few weeks ago, pidgin-otr needed a lot of me prodding people
> > to try it and give karma to get the security update out. Right now, my
> > socat CVE security releases sits in all four branches with no karma after
> > four days.
> > Is there something we can do to make these security updates move faster?
> > Perhaps a new mailinglist that just announces the security releases, to
> > remind people to test them and give karma.
> > Perhaps a gui app for people running post latest full release fedora
> > installs that checks if some software you are using is in need of karma?
> I would take this road.
We actually have this on the QA wishlist and it was one of the projects
we proposed for GSoC for QA, but it didn't quite make it. We may still
wind up doing it through some other channel, though. See also
https://fedoraproject.org/wiki/Summer_coding_ideas_for_2012#Fedora_Gooey_Karma and http://blog.tirfa.com/gooey-karma.
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
More information about the devel