On 12.09.2012 19:59, Pacho Ramos wrote:
> Hello
>
> Currently, package maintainers are CCed to security bugs when they are
> needed. The problem is that, once maintainers add a fixed version and
> tell security team they are ok to get it stabilized, maintainers are
> kept CCed until bug is closed by security team. This usually means
> getting a lot of mail after some time when security team discuss if a
> GLSA should be filed or not, if security bot adds some comment... some
> of those comments are applied to really old bugs that need no action from
> maintainers.
>
> Maybe would be interesting to change the policy to unCC maintainers
> again when their action is no longer required.
>
> What do you think?

Sorta OT but a general thing: I think you should CC teams you want to talk to and not only use the gentoo-systemd-flamewars^W^W-dev mailing list where these teams might only find your post by chance.

>
> Thanks for your thoughts
>

--
Alex Legler <a...@gentoo.org>
Gentoo Security/Ruby/Infrastructure