Chris Gianelloni wrote: > On Fri, 2006-12-01 at 07:22 -0600, Andrew Gaffney wrote: >> Steve Long wrote: >> > The only question I have, which Stuart also >> > mentioned, is whether all security updates go thru the GLSA process. >> >> Are you asking if all security updates that are done to the release will >> have gone through the GLSA process? I'd say the answer is yes, since the >> only updates that will go in the release tree are security updates from >> GLSAs :P > > Actually, we would have to review the process, since not everything that > gets a security bug ends up with a GLSA. My current loose rule is that > if it deserves a GLSA, then it deserves and update, but I don't know the > exact criteria the security team uses to decide if something warrants a > GLSA or not. > Well, I'm guessing that the bugs are entered and reviewed as security bugs on some system or another. If so, we can just get the basic list automated to tie into a script collection.
Who would know what criteria the security people use? -- gentoo-dev@gentoo.org mailing list
