[CentOS-devel] Awaiting C-5 Updates.

Ned Slider

ned at unixmail.co.uk
Thu May 27 18:15:06 UTC 2010

On 05/27/2010 04:44 PM, R P Herrold wrote:
> On Thu, 27 May 2010, Ned Slider wrote:
>>> Alan Bartlett<ajb at elrepo.org>
>>> [1] http://www.centos.org/modules/newbb/viewtopic.php?topic_id=26452&forum=37
>> https://www.centos.org/modules/newbb/viewtopic.php?topic_id=26230&forum=37
> no pleasing the forum users it seems, and no bugs filed
> no bug number, no problem

You are kidding, right? So a Critical Security Update has been available 
for Firefox for nearly 2 months but we should all stick our heads in the 
sand and ignore it because no one bothered to file a bug to remind the 
Project that upstream released a security update. But hey, lets take 
some collective responsibility here - did no one really notice there are 
security updates missing for this length of time? There are supposedly 
~3 million CentOS users and not one of them thought to file a bug 
report, including 10 or so core devs.

Out of interest, at what point should a bug report be filed? The moment 
upstream releases an update? 24hours later? 48 hours? 1 month? How late 
is late when the policy is when it's ready?

Anyway, here's the bug report for the missing Firefox update:


> Perhaps the forums should be shut down, as one off
> participants will not read the mailing lists and will not file
> bugs, ** and ** the people purporting to want to manage the
> forums cannot bring themselves to say: use existing suport
> machanisms, or file the bugs for people unwilling or unable to
> do so

The Forums are an existing support mechanism - or at least they have 
been since at least 2004/5. What looks bad is when those managing the 
support channels have no clue when the security updates might appear or 
why they are delayed in the first place.

More information about the CentOS-devel mailing list