Security fixes in Extras
Hans de Goede
j.w.r.degoede at hhs.nl
Sat Jan 14 10:16:56 UTC 2006
I'm busy to add my 2 cents to the wiki page. You seem however to have
forgot to add a note about this and a link to that page on the actual
Schedule page.
Regards,
Hans
Thorsten Leemhuis wrote:
> Am Freitag, den 13.01.2006, 16:23 -0500 schrieb seth vidal:
>> On Fri, 2006-01-13 at 15:20 -0600, Josh Boyer wrote:
>>>> On Fri, 2006-01-13 at 15:15 -0600, Josh Boyer wrote:
>>>>> Now the real question is, should there be some sort of defined policy
>>>>> for security fixes?
>>>> I'd be game with making a extras-security alert address that had the
>>>> package signers and some other security folks on it so we could expedite
>>>> things if need be.
>>>>
>>>> but a private list, for obvious reasons.
>
> I'm not 100% sure if it needs to be private. I don't like "security by
> obscurity". But of course it needs to be private *if* we're discussing
> things under embargoed there.
>
>>> I'll second this. Seems like a good idea to me.
>>> Should we talk about embargos though?
>> why don't we just ask thorsten to add this to the agenda.
>
> Done. Created a page in the wiki at
> http://www.fedoraproject.org/wiki/Extras/Schedule/SecurityPolicy
>
> Could those interested in the topic summarize this thread there? And
> create a action list about the details that need to be discussed? After
> that we should probably discuss those on fedora-extras list.
More information about the Fedora-maintainers
mailing list