Fedora Extras Security Response Team
Chris Ricker
kaboom at oobleck.net
Thu Apr 6 13:26:03 UTC 2006
On Wed, 5 Apr 2006, Jesse Keating wrote:
> Ah ok. I applied for and got accepted into Vendor-Sec, the vendor
> security notification email list. We could nominate one person or so to
> be on there for Extras. I serve as a filter for Legacy, when there are
> things related to Legacy packages I forward them on to our Legacy
> builder team. Before we start doing pre-notifications, we need to
> define a private bugzilla group so that we can file bugs in private and
> not have public view. Unfortunately we don't have the ability to do
> embargo CVS branches within Extras ATM, something we should bring up to
> FESCo to rectify so that we can generate packages and such prior to
> embargo date. This is a big hairy thing, we should concentrate on how
> we handle publicized issues first, then move into pre-notification.
> Again, small steps.
As a starting point, is just using the "Fedora Project Contributers" good
enough?
later,
chris
More information about the security
mailing list