gallery2 outstanding security bugs -- Abondoned by Berninger?

Cry cry_regarder at yahoo.com
Fri Dec 5 17:42:16 UTC 2008


Cry <cry_regarder <at> yahoo.com> writes:

> 
> gallery2 has two new versions and outstanding security bugs.  I have tried
> several times to email the maintainer John Berninger with no replies to a few
> different addresses.  Is this software dead in fedora? 

Just for form's sake in case it is necessary and can't be accelerated, The
non-responsive maintainer process was initiated at

https://bugzilla.redhat.com/show_bug.cgi?id=474870

Since fedora security loaded several of these bugs and they have CVE numbers
assigned, why didn't they followup when the maintainer didn't respond?  Will the
slow fix time for these bugs reflect negatively on fedora's stats?

Oh, Jon, what version of gallery2 did you build packages for?  Do you feel
comfortable that they would be ready to test?

Cry







More information about the fedora-devel-list mailing list