Security release criterion proposal

Adam Williamson awilliam at
Wed May 18 16:19:18 UTC 2011

On Wed, 2011-05-18 at 08:57 -0700, Adam Williamson wrote:

> # There must be no known remote code execution vulnerability which could
> be exploited during installation or during use of a live image shipped
> with the release
> Points to consider:

One more 'point to consider' that I forgot: for most things we only
consider the 'desktop' and KDE live images as capable of blocking the
release, but I thought for security issues it makes sense to broaden
this out to all the images we actually ship as part of the release. This
is definitely up for debate, though; it would be possible to tighten it
down to only desktop and KDE, or to only the most commonly-used spins,
or something.
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org

More information about the test mailing list