diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2012-July/017346.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2012-July/017346.html | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2012-July/017346.html b/zarb-ml/mageia-dev/2012-July/017346.html new file mode 100644 index 000000000..38c8753b8 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-July/017346.html @@ -0,0 +1,90 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20Help%20needed%20%28also%20forgot%0A%09avidemux%20and%20gstreamer0.10-ffmpeg%29&In-Reply-To=%3Cjtt5sq%24jt%241%40dough.gmane.org%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="017321.html"> + <LINK REL="Next" HREF="017126.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg)</H1> + <B>David Walser</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20Help%20needed%20%28also%20forgot%0A%09avidemux%20and%20gstreamer0.10-ffmpeg%29&In-Reply-To=%3Cjtt5sq%24jt%241%40dough.gmane.org%3E" + TITLE="[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg)">luigiwalser at yahoo.com + </A><BR> + <I>Sun Jul 15 03:20:23 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="017321.html">[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) +</A></li> + <LI>Next message: <A HREF="017126.html">[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression] +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17346">[ date ]</a> + <a href="thread.html#17346">[ thread ]</a> + <a href="subject.html#17346">[ subject ]</a> + <a href="author.html#17346">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Buchan Milne wrote: +><i> On Thursday, 5 July 2012 20:34:02 David Walser wrote: +</I>>><i> Guillaume Rousse wrote: +</I>>><i> > So, before any further contribution from my side, I'd like the people in +</I>>><i> > charge of security updates to find some internal agreement about what +</I>>><i> > kind of help they expect from other people exactly. If that's just to +</I>>><i> > push a non-discussable list of changes into spec files, they could as +</I>>><i> > well ask for SVN commit and package submission rights, to do it +</I>>><i> > directly. This would avoid a large amount of anger and frustration for +</I>>><i> > everyone. +</I>>><i> +</I>>><i> Nobody is in charge, which is part of the problem. I think a lot of us +</I>>><i> packagers come from Mandriva where we were used to Oden being in charge of +</I>>><i> updates for stable distros, and therefore not having to worry about it. +</I>><i> +</I>><i> While Mandriva had a security team (before Oden, Stew, and before that Stew +</I>><i> and Vince). However, that doesn't mean you never had to worry about anything. +</I> +Sure, maybe the security manager would ask a maintainer for help with something sometimes, but they still had ultimately responsibility for +the updates. My point is that responsibility falls on all of us packagers now, and it's a perspective shift that needs to be made. + +Also, I don't want anyone to get the idea that I'm in charge of security updates, even though I've kind of taken charge of it in a way, +because when I finally started using Mageia at the end of last year, I noticed a lot of updates had been missed and nobody had taken charge +of keeping track of such things. So I try my best to keep track of it now and do my best to help get the needed updates out. Please keep in +mind that I do not have the level of experience of Vince or Oden and I have a full-time job which is not "make security updates for Mageia." +I am doing my best, as is the QA team. + +Mageia may not be the first to market with security updates (we're usually later than many other distros), but for highly critical zero-days +and things being actively exploited, we've done well with packagers, QA, and sysadmins working together to get these updates out in a timely +manner. For other security updates, the important thing is that we get them out, not that we're first to market. + +Finally Buchan, I have no complaints about the job you've done contributing to security updates for packages you maintain. So if I ever +sound like I'm complaining, it's not directed at you. + +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="017321.html">[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) +</A></li> + <LI>Next message: <A HREF="017126.html">[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression] +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17346">[ date ]</a> + <a href="thread.html#17346">[ thread ]</a> + <a href="subject.html#17346">[ subject ]</a> + <a href="author.html#17346">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |