[Mageia-dev] [RPM] cauldron core/release openssh-5.8p1-2.mga1
Stew Benedict
stewbintn at gmail.com
Thu May 5 13:35:53 CEST 2011
On 05/05/2011 06:48 AM, Jérôme (saispo) Soyer wrote:
> As we said yesterday in packager meeting, a wiki page dedicated to
> secteam must be written with all information about where we can see
> advisory, grabing patch and good pratice for the process (opening a
> bug, correcting the bug, doing a good changelog etc..)
>
> What do you think about that ?
>
Sounds like a good idea. If you want to start such a page, I'll add to
it as needed. If others are interested we can start to identify the
team. For now we don't have to worry about embargoed issues, private
bugs etc., until we develop some history of security updates and can
apply for admission to the closed list.
Personally, I would identify not only our own bug in the changelog, but
also the CVE etc. People seem to tend to focus on versions when they
stumble upon security related announcements, and it's nice to be able to
quickly point to the package changelog to show the issue has been addressed.
--
Stew Benedict
New Tazewell, TN
More information about the Mageia-dev
mailing list