public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download: 
* Re: [gentoo-dev] Regarding long delays on GLSA generation
  @ 2014-01-18 16:30 99%   ` Pacho Ramos
  0 siblings, 0 replies; 1+ results
From: Pacho Ramos @ 2014-01-18 16:30 UTC (permalink / raw
  To: gentoo-dev; +Cc: security

El sáb, 18-01-2014 a las 17:02 +0100, Alex Legler escribió:
> On 18.01.2014 16:34, Pacho Ramos wrote:
> > Was looking to existing gedit bug reports and I found:
> > https://bugs.gentoo.org/show_bug.cgi?id=257004
> > 
> > That is only one more example of a really old bug report still opened
> > and waiting for a GLSA. Was wondering what really causes this long
> > delays, can't GLSA be done automatically?
> 
> Nope. But we do make constant refinements to speed up the process.
> 
> > Would a GLSA even have any
> > sense for cases like this (after 5 years)
> > 
> 
> Yope. (I've answered this questions a trillion times by now, so care to
> use $searchengine?)
> 
> > Thanks for your help
> > 
> > 
> 
> Not sure what you wanted to achieve by sending this email. Posting
> $old_bug assigned to a specific team to -dev to point fingers at them is
> just lame, as I'm pretty sure there's bug skeletons in every team's closet.
> 
> Appreciatively of your appreciation of our efforts,
> Alex
> 

What I want to achieve is to try to get this problem solved, I don't
think has any sense to have pending GLSA bugs waiting for ages (yes,
ages), I see this for really a lot of packages, the pointed one was only
one example, but there are many more (like glib, dotnet stuff...)

Regarding sending this to the whole list (well, I don't understand why
people in security team want to not get gentoo-dev ML involved), I
simply did that as I though maybe some help/suggestions could be needed
taking care clearly the security team is not able to fix this situation
for really a long time and, hopefully, some other people could help with
their effort and ideas to fix this long standing issue.

The issue is still present even if we don't talk about it and keep
simply ignoring all bug reports assigned to security and accumulating
for years. The idea is to try to solve the situation, not to point to
you, I didn't pointed to you, you will know why do you feel offended
about this.



^ permalink raw reply	[relevance 99%]

Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2014-01-18 15:34     [gentoo-dev] Regarding long delays on GLSA generation Pacho Ramos
2014-01-18 16:02     ` Alex Legler
2014-01-18 16:30 99%   ` Pacho Ramos

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox