From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 2D74C1580B9 for ; Fri, 27 Aug 2021 14:12:57 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CCED4E0877; Fri, 27 Aug 2021 14:12:51 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 6D7B9E086B for ; Fri, 27 Aug 2021 14:12:51 +0000 (UTC) Date: Fri, 27 Aug 2021 09:12:47 -0500 From: John Helmert III To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Stabilization Detached from Security Bugs Message-ID: References: <3c9338a2657a76ef094aee247ebd2229ffa50812.camel@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Re4tmSt/zEhxI4Ie" Content-Disposition: inline In-Reply-To: <3c9338a2657a76ef094aee247ebd2229ffa50812.camel@gentoo.org> X-Archives-Salt: 71793022-881f-4689-9805-1b8a3f6b8b93 X-Archives-Hash: 0084a5b6f52dc7edce73b74528ebb571 --Re4tmSt/zEhxI4Ie Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Aug 27, 2021 at 08:58:35AM +0200, Micha=C5=82 G=C3=B3rny wrote: > On Thu, 2021-08-26 at 19:11 -0500, John Helmert III wrote: > > In the past, stabilization for security bugs would be handled directly > > in that security bug. After some discussion on the gentoo-dev mailing > > list [1], there was some consensus on modifying this workflow to > > separate stabilization from security bugs. Going forward, separate bugs > > should be filed for security stabilizations and then the security bug > > will have a dependency on its stabilization bug. >=20 > Great! I can make the field invisible on security bugs when you've > confirmed that all pending stabilizations are finished. Or without > that, if you prefer ;-). Sure! But let's at least wait until we're done with the pending security bugs which have CC-ARCHES [1], just to keep churn (and work for us) a bit lower. [1] https://bugs.gentoo.org/buglist.cgi?email1=3Dsecurity%40gentoo.org&emai= lassigned_to1=3D1&emailtype1=3Dsubstring&f1=3Dkeywords&list_id=3D5758333&o1= =3Dsubstring&query_format=3Dadvanced&resolution=3D---&v1=3DCC-ARCHES --Re4tmSt/zEhxI4Ie Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEElFuPenBj6NvNLoABXP0dAeB+IzgFAmEo8twACgkQXP0dAeB+ IziIehAAqFM8/CDW41WXtwHQG4b++taHmM1vTTJcugv5iZMaPMl/pibOKVuRiI4o 60D/QWSrQzjQZRzZEH4gqZJ0RN1eaqy8t7DILIKVQ0pxV6yfemirbD8/7HhtHs3o PXu0ly/0jg1VTUQ8gNwsO46AAHzyvQ7sCRBJHOwFkUmQ8pgS5C81FheV9jIMEbVK OAAKXdtk0EPZJN2WJSmin3z8IS8UTYnBQQOJhkte+Ses2crs/WX9s29PL/ubDwYY dW5zypNCOnpGHeSvoUr4QoxubzxqCpz+gdctaQCV9D8lCyv6NHl+WfthD0v1EvT1 1Lq8EvawsLKpDCr9+1RyXvwwFzmM+ANlsMG5B/RuhzPmd8qj8SLcI36l3U5IXiIL 5xQm/cgsQeNitkqc1IHCIaXPdSO6MXBSj/tWUT5Ww6CXO4FRaMWrYnm4B1vloLNV eRxQ6Q+eIu+0UORq3mQEPhU+HOMVqY/xpgj+nN3MKdUAQ48agPjYCOIeWx9l7Q6r tusii9doPI3T6JoI08V80WIxVVezZpVIqTW7OMvpykLMWVzqk+VUha7iEgR6JoA5 ONsV4xelaMpm2OHZBNnUF2uBtJDgrsw5IG0hcMEXipc45FFXuRcSGofR5BuCIAGX GTJ39djhbI2shNEsZCXecUI5lSlKaWWU9bnzyfTef0zd7JJCLrI= =yTQX -----END PGP SIGNATURE----- --Re4tmSt/zEhxI4Ie--