Extras errata
Ville Skyttä
ville.skytta at iki.fi
Fri Jul 28 16:08:38 UTC 2006
On Thu, 2006-06-29 at 17:15 -0400, Josh Bressers wrote:
> Hi everyone,
>
> I finally checked in an extras errata generation system. It's rather
> trivial. I've been sitting on this for a few weeks and just haven't had
> time to clean it up enough to commit it.
And now we've sat on it a bit more, no announcements sent :(. Let's try
to improve.
> The readme file has some details on how things work. In a nutshell you
> just have to run the errata-gen command, which places an advisory into the
> errata directory for you. Then just edit away.
Okay, tested by creating FEDORA-EXTRAS-2006-003 for CVE-2006-3668, it
worked.
> Now we have to think about how editing should be handled. I'm thinking at
> least one other team member should approve an errata before it gets mailed.
>
> Thoughts?
Works for me. As a general rule, who mails it? The package maintainer?
The 1st or 2nd security team member handling the issue?
It might not be a bad idea to add a "CVE ID(s):" placeholder somewhere
in the template so that info is more likely to be included in the
announcement.
More information about the security
mailing list