-testing timeout
William Hooper
whooperhsd3 at earthlink.net
Sun Feb 1 01:41:42 UTC 2004
David Rees said:
> If the vulnerability was that serious, there would be more people
> interested in testing the package. In the case of ethereal, it seems
> that not many people are interested in the package, hence the low
> interest in testing it.
http://www.debian.org/News/2003/20031202
Some vulnerabilities only become "Serious" after the fact.
So, a package sits in testing for a week, gets pushed to updates. The 1
person that is using it starts to complain about something. This would be
a great time to introduce this person to the QA process and get them
involved.
I think the majority of the time the case would be that a number of people
have downloaded that package and not bothered to "official" give it a
thumbs up. No news is good news.
Using the ethereal example: If you have a serious need for it, then you
need to test it. Isn't that part of having "community" updates, that the
"community" decides how good the updates are?
--
William Hooper
More information about the fedora-legacy-list
mailing list