Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-24 Thread Jon Ciesla
On 05/20/2010 10:44 AM, Kevin Fenzi wrote: > On Tue, 11 May 2010 11:10:39 -0800 > Jeff Spaleta wrote: > > >> On Tue, May 11, 2010 at 10:57 AM, Jon Ciesla >> wrote: >> >>> Well, no, not if there's an easy way to find the existing stuff. Is >>> there a way to extract this info from Bugzil

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-20 Thread Kevin Kofler
Till Maas wrote: > A current problem I see with using upstream release monitoring is that > there is no easy way to query which bugs are ignored, because it is > perfectly valid to not touch the bug as a maintainer but only update the > package. This will avoid a new bug to be filed, but the mainta

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-20 Thread Jeff Spaleta
On Thu, May 20, 2010 at 7:44 AM, Kevin Fenzi wrote: > http://tinyurl.com/22resfg > > Currently I see 77 bugs on this list, I'm sure maintainers who haven't > been able to fix things yet would love provenpackagers to step in and > help out. :) Awesome. Let's see if I can earn my security bugfix meri

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-20 Thread Stanislav Ochotnicky
On 05/11/2010 10:03 PM, Thomas Spura wrote: > On Tuesday, 11.05.2010, 17:47 +0800, Chen Lei wrote: >> >> >> 2010/5/11 Rahul Sundaram >> Hi >> >> https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 >> >> Quake 3 engine needs to be updated. The cur

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-20 Thread Kevin Fenzi
On Tue, 11 May 2010 11:10:39 -0800 Jeff Spaleta wrote: > On Tue, May 11, 2010 at 10:57 AM, Jon Ciesla > wrote: > > Well, no, not if there's an easy way to find the existing stuff.  Is > > there a way to extract this info from Bugzilla?  I'd stick that > > query in my bookmarks and peek at it eve

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-17 Thread Rakesh Pandit
On 15 May 2010 22:13, Till Maas wrote: > On Sat, May 15, 2010 at 09:29:37PM +0530, Rakesh Pandit wrote: >> On 15 May 2010 21:07, Till Maas wrote: > >> > The upstream release monitoring tool (formerly fever) is not really used >> > to identify such packages, because there is no process to identify >

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-15 Thread Till Maas
On Sat, May 15, 2010 at 09:29:37PM +0530, Rakesh Pandit wrote: > On 15 May 2010 21:07, Till Maas wrote: > > The upstream release monitoring tool (formerly fever) is not really used > > to identify such packages, because there is no process to identify > > non-uptodate packages like there is a proc

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-15 Thread Rakesh Pandit
On 15 May 2010 21:07, Till Maas wrote: > On Sat, May 15, 2010 at 10:19:50AM -0500, Matt Domsch wrote: >> On Tue, May 11, 2010 at 01:26:53PM -0800, Jeff Spaleta wrote: >> > What we have is the orphaning (a proactive process) and awol >> > maintainer processes (a reactive process).. we don't have an

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-15 Thread Till Maas
On Sat, May 15, 2010 at 10:19:50AM -0500, Matt Domsch wrote: > On Tue, May 11, 2010 at 01:26:53PM -0800, Jeff Spaleta wrote: > > What we have is the orphaning (a proactive process) and awol > > maintainer processes (a reactive process).. we don't have an automated > > process that helps us identify

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-15 Thread Matt Domsch
On Tue, May 11, 2010 at 01:26:53PM -0800, Jeff Spaleta wrote: > What we have is the orphaning (a proactive process) and awol > maintainer processes (a reactive process).. we don't have an automated > process that helps us identify potentially unmaintained packages to be > concerned about. Well, we

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-12 Thread Przemek Klosowski
On 05/11/2010 07:30 PM, Jeff Spaleta wrote: > On Tue, May 11, 2010 at 3:10 PM, Przemek Klosowski > wrote: >> This probably means at least a rudimentary application testing rig >> and a discipline that identifies and deals with distressed packages. > > Does the ongoing work with AutoQA provide the

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-12 Thread Daniel P. Berrange
On Tue, May 11, 2010 at 05:47:48PM +0800, Chen Lei wrote: > 2010/5/11 Rahul Sundaram > > > Hi > > > > https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > > > > Quake 3 engine needs to be updated. The current version has security > > issues and breaks multiplayer in a couple of Quake3 based

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-12 Thread Jaroslav Reznik
On Tuesday 11 May 2010 18:51:08 Kevin Fenzi wrote: > On Tue, 11 May 2010 15:37:51 +0200 > > Jaroslav Reznik wrote: > > On Tuesday 11 May 2010 13:08:53 Rahul Sundaram wrote: > > > On 05/11/2010 03:43 PM, Daniel P. Berrange wrote: > > > > Do we have a security team who evaluate security issues that

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jeff Spaleta
On Tue, May 11, 2010 at 3:10 PM, Przemek Klosowski wrote: > This probably means at least a rudimentary application testing rig > and a discipline that identifies and deals with distressed packages. Does the ongoing work with AutoQA provide the solution you are looking for? http://fedoraproject.o

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Przemek Klosowski
On 05/11/2010 05:26 PM, Jeff Spaleta wrote: > On Tue, May 11, 2010 at 1:47 AM, Chen Lei wrote: >> It seems a lot of trivial packages in fedora are unmaintained for a long > > I dispute your claim that there are "a lot." > > Yes we are going to have things fall through the cracks. But I've > seen no

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jeff Spaleta
On Tue, May 11, 2010 at 2:14 PM, Till Maas wrote: > I use the non-responsive process or active nagging quite a lot, since I > often stumble upon such packages (it already happened twice to youtube-dl > that the current maintainer did not have enough time). Thankfully the > start of the non-responsi

Security Bug in aircrack-ng (was: Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien)

2010-05-11 Thread Till Maas
On Tue, May 11, 2010 at 11:10:39AM -0800, Jeff Spaleta wrote: > On Tue, May 11, 2010 at 10:57 AM, Jon Ciesla wrote: > > Well, no, not if there's an easy way to find the existing stuff.  Is > > there a way to extract this info from Bugzilla?  I'd stick that query in > > my bookmarks and peek at it

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Till Maas
On Tue, May 11, 2010 at 01:26:53PM -0800, Jeff Spaleta wrote: > How often does the AWOL maintainer process get used? Very rarely. If > there were a lot of "unmaintained" packages I would expect to see the > AWOL process be firing all the time as people reacted to missing > maintainers. I use the

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jeff Spaleta
On Tue, May 11, 2010 at 1:47 AM, Chen Lei wrote: > It seems a lot of trivial packages in fedora are unmaintained for a long I dispute your claim that there are "a lot." Yes we are going to have things fall through the cracks. But I've seen no analysis and no tools which would help us identify th

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Thomas Spura
On Tuesday, 11.05.2010, 17:47 +0800, Chen Lei wrote: > > > 2010/5/11 Rahul Sundaram > Hi > > https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > > Quake 3 engine needs to be updated. The current version has > security > issues

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jon Ciesla
On 05/11/2010 02:10 PM, Jeff Spaleta wrote: > On Tue, May 11, 2010 at 10:57 AM, Jon Ciesla wrote: > >> Well, no, not if there's an easy way to find the existing stuff. Is >> there a way to extract this info from Bugzilla? I'd stick that query in >> my bookmarks and peek at it every couple da

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jeff Spaleta
On Tue, May 11, 2010 at 10:57 AM, Jon Ciesla wrote: > Well, no, not if there's an easy way to find the existing stuff.  Is > there a way to extract this info from Bugzilla?  I'd stick that query in > my bookmarks and peek at it every couple days. Indeed. I'd like to use my proven powers for good

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Rahul Sundaram
On 05/12/2010 12:27 AM, Jon Ciesla wrote: > Well, no, not if there's an easy way to find the existing stuff. Is > there a way to extract this info from Bugzilla? I'd stick that query in > my bookmarks and peek at it every couple days. > You might want to get in touch with the security team.

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jon Ciesla
On 05/11/2010 01:29 PM, Bill Nottingham wrote: > Jon Ciesla (l...@jcomserv.net) said: > This seems like rather a major shortcoming in our processes. A security team who can merely file bugs & has no power to ensure security flaws are fixed in a timely manner is not good for Fed

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Bill Nottingham
Jon Ciesla (l...@jcomserv.net) said: > >> This seems like rather a major shortcoming in our processes. A security > >> team who can merely file bugs & has no power to ensure security flaws > >> are fixed in a timely manner is not good for Fedora. > >> > >> > > Sure would be good to have vol

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jon Ciesla
On 05/11/2010 12:05 PM, Jesse Keating wrote: > On Tue, 2010-05-11 at 12:31 +0100, Daniel P. Berrange wrote: > >> This seems like rather a major shortcoming in our processes. A security >> team who can merely file bugs & has no power to ensure security flaws >> are fixed in a timely manner is n

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jesse Keating
On Tue, 2010-05-11 at 12:31 +0100, Daniel P. Berrange wrote: > This seems like rather a major shortcoming in our processes. A security > team who can merely file bugs & has no power to ensure security flaws > are fixed in a timely manner is not good for Fedora. > Sure would be good to have volu

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Kevin Fenzi
On Tue, 11 May 2010 15:37:51 +0200 Jaroslav Reznik wrote: > On Tuesday 11 May 2010 13:08:53 Rahul Sundaram wrote: > > On 05/11/2010 03:43 PM, Daniel P. Berrange wrote: > > > Do we have a security team who evaluate security issues that are > > > filed against any package, and who have the privileg

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Xavier Lamien
On Tue, May 11, 2010 at 6:37 PM, Michael Schwendt wrote: > On Tue, 11 May 2010 13:10:42 +0200, Xavier wrote: > >> >>> https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > >> I definitively missed that one. > > Like to comment on your other packages? Are there any packages where > you would app

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Michael Schwendt
On Tue, 11 May 2010 13:10:42 +0200, Xavier wrote: > >>> https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > I definitively missed that one. Like to comment on your other packages? Are there any packages where you would appreciate co-maintainers? For example, "soundconverter" has 8 open tic

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Richard W.M. Jones
On Tue, May 11, 2010 at 04:38:53PM +0530, Rahul Sundaram wrote: > On 05/11/2010 03:43 PM, Daniel P. Berrange wrote: > > > > Do we have a security team who evaluate security issues that are filed > > against any package, and who have the privileges to immediately fix the > > CVE should the maintai

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Toshio Kuratomi
On Tue, May 11, 2010 at 08:30:41AM -0500, Jon Ciesla wrote: > On 05/11/2010 04:07 AM, Rahul Sundaram wrote: > > Hi > > > > https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > > > > Quake 3 engine needs to be updated. The current version has security > > issues and breaks multiplayer in a coup

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jaroslav Reznik
On Tuesday 11 May 2010 13:08:53 Rahul Sundaram wrote: > On 05/11/2010 03:43 PM, Daniel P. Berrange wrote: > > Do we have a security team who evaluate security issues that are filed > > against any package, and who have the privileges to immediately fix the > > CVE should the maintainer not be respo

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Jon Ciesla
On 05/11/2010 04:07 AM, Rahul Sundaram wrote: > Hi > > https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > > Quake 3 engine needs to be updated. The current version has security > issues and breaks multiplayer in a couple of Quake3 based games such as > OpenArena. The maintainer has not resp

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Daniel P. Berrange
On Tue, May 11, 2010 at 04:38:53PM +0530, Rahul Sundaram wrote: > On 05/11/2010 03:43 PM, Daniel P. Berrange wrote: > > > > Do we have a security team who evaluate security issues that are filed > > against any package, and who have the privileges to immediately fix the > > CVE should the maintai

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Xavier Lamien
On Tue, May 11, 2010 at 11:56 AM, Mamoru Tasaka wrote: > Michael Schwendt wrote, at 05/11/2010 06:37 PM +9:00: >> On Tue, 11 May 2010 14:37:22 +0530, Rahul wrote: >> >>> Hi >>> >>> https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 >>> >>> Quake 3 engine needs to be updated.  The current versi

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Rahul Sundaram
On 05/11/2010 03:43 PM, Daniel P. Berrange wrote: > > Do we have a security team who evaluate security issues that are filed > against any package, and who have the privileges to immediately fix the > CVE should the maintainer not be responsive enough wrt the severity of > the security problem ?

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Daniel P. Berrange
On Tue, May 11, 2010 at 03:29:53PM +0530, Rahul Sundaram wrote: > On 05/11/2010 03:26 PM, Mamoru Tasaka wrote: > > Xavier responded to rubygem-json related bug recently: > > https://bugzilla.redhat.com/show_bug.cgi?id=589801 > > > > So I guess trying to re-contact him is better. > > > > And mea

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Rahul Sundaram
On 05/11/2010 03:26 PM, Mamoru Tasaka wrote: > Xavier responded to rubygem-json related bug recently: > https://bugzilla.redhat.com/show_bug.cgi?id=589801 > > So I guess trying to re-contact him is better. > And meanwhile leave the unaddressed security issues and prominent bugs open for more da

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Mamoru Tasaka
Michael Schwendt wrote, at 05/11/2010 06:37 PM +9:00: > On Tue, 11 May 2010 14:37:22 +0530, Rahul wrote: > >> Hi >> >> https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 >> >> Quake 3 engine needs to be updated. The current version has security >> issues and breaks multiplayer in a couple of Q

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Chen Lei
2010/5/11 Rahul Sundaram > Hi > > https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > > Quake 3 engine needs to be updated. The current version has security > issues and breaks multiplayer in a couple of Quake3 based games such as > OpenArena. The maintainer has not responded in bugzilla s

Re: Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Michael Schwendt
On Tue, 11 May 2010 14:37:22 +0530, Rahul wrote: > Hi > > https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 > > Quake 3 engine needs to be updated. The current version has security > issues and breaks multiplayer in a couple of Quake3 based games such as > OpenArena. The maintainer has no

Quake3 security issue and non-responsive maintainer: Xavier Lamien

2010-05-11 Thread Rahul Sundaram
Hi https://admin.fedoraproject.org/pkgdb/acls/bugs/quake3 Quake 3 engine needs to be updated. The current version has security issues and breaks multiplayer in a couple of Quake3 based games such as OpenArena. The maintainer has not responded in bugzilla since March and has not responded to pri