[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg)
David Walser
luigiwalser at yahoo.com
Fri Jul 6 02:34:02 CEST 2012
Guillaume Rousse wrote:
> So, before any further contribution from my side, I'd like the people in
> charge of security updates to find some internal agreement about what
> kind of help they expect from other people exactly. If that's just to
> push a non-discussable list of changes into spec files, they could as
> well ask for SVN commit and package submission rights, to do it
> directly. This would avoid a large amount of anger and frustration for
> everyone.
Nobody is in charge, which is part of the problem. I think a lot of us packagers come from Mandriva
where we were used to Oden being in charge of updates for stable distros, and therefore not having
to worry about it. We are a community distro, we have no paid security manager. It is all of our
responsibility to do security updates for stable distros.
As far as what kind of help is expected, it varies per bug really. Some of them have maintainers
that might want to give input. Some I would like to know from someone else more experienced or who
has more at stake in a package how to handle an update when there are choices. Sometimes other
distros have pushed an updated (bugfix-only) version, or patched other bugs as well, rather than
just patched the security bug. Based on my descriptions in my e-mail and comments in the bugs, you
can see some of those that I'd just like some advice. Others are more complicated or packages that
I don't know anything about. Bottom line is, the ones I've asked about, there's some reason I
haven't just done it myself. Any help you can offer is appreciated. If you want clarification on
any particular one what I need, please just ask me.
More information about the Mageia-dev
mailing list