[CentOS-devel] Awaiting C-5 Updates.

Thu May 27 18:15:06 UTC 2010
Ned Slider <ned at unixmail.co.uk>

On 05/27/2010 04:44 PM, R P Herrold wrote:
> On Thu, 27 May 2010, Ned Slider wrote:
>
>>> Alan Bartlett<ajb at elrepo.org>
>>> [1] http://www.centos.org/modules/newbb/viewtopic.php?topic_id=26452&forum=37
>
>> https://www.centos.org/modules/newbb/viewtopic.php?topic_id=26230&forum=37
>
> no pleasing the forum users it seems, and no bugs filed
>
> no bug number, no problem
>

You are kidding, right? So a Critical Security Update has been available 
for Firefox for nearly 2 months but we should all stick our heads in the 
sand and ignore it because no one bothered to file a bug to remind the 
Project that upstream released a security update. But hey, lets take 
some collective responsibility here - did no one really notice there are 
security updates missing for this length of time? There are supposedly 
~3 million CentOS users and not one of them thought to file a bug 
report, including 10 or so core devs.

Out of interest, at what point should a bug report be filed? The moment 
upstream releases an update? 24hours later? 48 hours? 1 month? How late 
is late when the policy is when it's ready?

Anyway, here's the bug report for the missing Firefox update:

http://bugs.centos.org/view.php?id=4342


> Perhaps the forums should be shut down, as one off
> participants will not read the mailing lists and will not file
> bugs, ** and ** the people purporting to want to manage the
> forums cannot bring themselves to say: use existing suport
> machanisms, or file the bugs for people unwilling or unable to
> do so
>

The Forums are an existing support mechanism - or at least they have 
been since at least 2004/5. What looks bad is when those managing the 
support channels have no clue when the security updates might appear or 
why they are delayed in the first place.