[urgent] libsndfile security update needs 2 proventesters

Adam Williamson awilliam at redhat.com
Mon Jul 12 15:33:34 UTC 2010


On Mon, 2010-07-12 at 09:16 +0200, Michel Alexandre Salim wrote:
> Hi folks,
> 
> libsndfile for EL-5 has had a security vulnerability for many months,
> and now that it is actively maintained again, unfortunately hit the
> Bodhi proventester bottleneck (see forwarded announcement below)
> 
> ---------- Forwarded message ----------
> From: Luke Macken <lmacken at redhat.com>
> Subject: Bodhi 0.7.5 release
> 
> [...]
> Critical path package[0] updates now require positive karma from two
> proventesters[1], and a single +1 from one other community member.
> [...]
> 
> We need two proventesters to approve this update:
> https://admin.fedoraproject.org/updates/libsndfile-1.0.17-3.el5
> 
> The patch applied is trivial (see the first linked bug report in the
> update request, and feel free to check out the libsndfile package and
> verify that the patch is applied to the EL-5 branch).

Luke, I really think turning on critpath requirements for everything in
the world is going to prove to be a problem. I certainly never expected
this to hit EPEL, AFAIK Fedora QA and FESCo have no actual power to
commit to this policy for EPEL. How hard would it be to just disable
this requirement again for EPEL at least?
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net



More information about the test mailing list