[Mageia-dev] Status report for Mageia 1 updates, and call for help from you packagers
Stew Benedict
stewbintn at gmail.com
Thu Aug 25 14:09:26 CEST 2011
On 08/24/2011 08:50 PM, Samuel Verschelde wrote:
> Hi,
>
> I was told that QA Team's work's visibility needs to be improved, so as a team
> member I'll try to give you some sort of status report.
> - 1 has been validated by QA one month ago, but was assigned to security team
> following updates policy for security fixes, and got not answer. We have to
> improve either the policy or the security team here (or both).
Do you have a pointer to this bug? I'm not finding it in bugzilla. I'm
not sure what I can do with it once assigned back to secteam, aside from
write an advisory text. I don't have admin rights to release it, etc.
(afaik). It was basically my understanding that the secteam role is to
initiate the bug, provide patches, POC, and advisory text and the
maintainer do the update and pass it on to QA. I've stopped even
intiating because they are just sitting there in the new/unassigned
state. some for 2 months or more now. While a shiny new KDE is nice, not
pushing updates for published vulnerabilities makes us look bad, imho.
--
Stew Benedict
More information about the Mageia-dev
mailing list