Security update process without CVEs
denials at gmail.com
Tue Jan 21 22:09:54 UTC 2014
On Tue, Jan 21, 2014 at 4:31 PM, Eric H. Christensen
<sparks at fedoraproject.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> On Tue, Jan 21, 2014 at 04:26:19PM -0500, Dan Scott wrote:
>> I tried following
>> but it appears to depend on waiting on a CVE, which upstream did not
>> yet have... but upstream had already pushed the new release to CPAN.
> You may be able to request the CVE yourself. I'm trying to contact the guy that handles those things for FOSS but a netsplit is keeping me from talking to him at the moment.
Thanks; upstream had already submitted the request for a CVE. They
just hadn't received it yet.
More information about the devel