Disturbing lack of FE security updates announcements!
Hans de Goede
j.w.r.degoede at hhs.nl
Thu Nov 9 11:01:12 UTC 2006
Hi All,
This morning I've been working on fixing several security flaws in imlib2.
When I was done with fixing and building these, I started writing a
security update notification mail to send to fedora-package-announce at redhat.com
In the usual format for updates send to this list.
The Fedora Extras updates have there own numbering scheme seperate of that of FC,
so I started looking through the archives for the last update to give mine the next
free number, much to my shock the idenitifier for this security update is:
FEDORA-EXTRAS-2006-004
IOW, this is the 4th security announcement send on behalve of FE this year, that is
really BAD! Even worse, FEDORA-EXTRAS-2006-003 the previous announcement was also send
to the list by me? Am I the only one taking the trouble to announce security updates??
When magazine XXX is going todo security stats on FE the will use the official
announcements to determine our response time and this will make us look bad, not to
mention the fact that this is really bad communication to our end users!
FESco, can you please mandate sending a mail to fedora-package-announce at redhat.com for
security related updates?
Regards,
Hans
More information about the fedora-extras-list
mailing list