On 09-02-2011 08:57:25 -0500, Rich Freeman wrote: > Perhaps we should target having glsas published within a certain > amount of time after a vulnerability is disclosed, whether corrected > or not. We could re-publish a final notice once all is well. We > really shouldn't consider users safe from a security vulnerability > until the vulnerability is patched in the tree AND the notice to > update has been sent out.
Excellent, take this up with the security team. Reevaluate which archs are security supported, and see if you can get a timeout policy implemented. -- Fabian Groffen Gentoo on a different level
