How can we make security updates faster?

Kevin Fenzi kevin at scrye.com
Tue May 29 18:39:40 UTC 2012


On Mon, 28 May 2012 12:57:18 -0400 (EDT)
Paul Wouters <pwouters at redhat.com> wrote:

> 
> Hi,
> 
> I've recently had release updates to two packages with CVE issues in
> then. A few weeks ago, pidgin-otr needed a lot of me prodding people
> to try it and give karma to get the security update out. Right now, my
> socat CVE security releases sits in all four branches with no karma
> after four days.
> 
> Is there something we can do to make these security updates move
> faster?

...snip...

> Any other thoughts?

Perhaps if there's enough interest we could (re)vive a Security SIG of
some kind? One of their goals could be to cross test updates and
provide karma? 

kevin

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20120529/c1d2e1fe/attachment.sig>


More information about the devel mailing list