On 2/10/16 6:08 AM, Rafael Gieschke wrote:
I am sorry for having to write this email.
Rafael,
I'm also sorry you had to write this...
There should have been someone watching this component, and I'm sorry
there wasn't (largely because the relevant code is not really actively
maintained, unfortunately). This is why we're trying to get explicit
triage rotations set up for all components right now. I believe that if
that were already in place three months ago, this would not have happened.
I don't know why the setup we have in place for explicitly triaging
security bugs failed in this case, or what happened with the mails to
secur...@mozilla.org, since I'm not privy to the former nor on the
latter list. Something clearly failed badly there. :(
In any case, thank you very much for both filing the bugs and for
bringing this issue up. For these two particular bugs, we're going to
figure out who can look at them who somewhat understands the relevant
code and has time; this will likely take a few days to sort out. For
the general problem, I think the regular triage rotations will give us a
much better handle on things and will prevent things from falling
through the cracks like this.
-Boris
_______________________________________________
governance mailing list
governance@lists.mozilla.org
https://lists.mozilla.org/listinfo/governance
