On 05/27/2010 04:44 PM, R P Herrold wrote: > On Thu, 27 May 2010, Ned Slider wrote: > >>> Alan Bartlett<ajb at elrepo.org> >>> [1] http://www.centos.org/modules/newbb/viewtopic.php?topic_id=26452&forum=37 > >> https://www.centos.org/modules/newbb/viewtopic.php?topic_id=26230&forum=37 > > no pleasing the forum users it seems, and no bugs filed > > no bug number, no problem > You are kidding, right? So a Critical Security Update has been available for Firefox for nearly 2 months but we should all stick our heads in the sand and ignore it because no one bothered to file a bug to remind the Project that upstream released a security update. But hey, lets take some collective responsibility here - did no one really notice there are security updates missing for this length of time? There are supposedly ~3 million CentOS users and not one of them thought to file a bug report, including 10 or so core devs. Out of interest, at what point should a bug report be filed? The moment upstream releases an update? 24hours later? 48 hours? 1 month? How late is late when the policy is when it's ready? Anyway, here's the bug report for the missing Firefox update: http://bugs.centos.org/view.php?id=4342 > Perhaps the forums should be shut down, as one off > participants will not read the mailing lists and will not file > bugs, ** and ** the people purporting to want to manage the > forums cannot bring themselves to say: use existing suport > machanisms, or file the bugs for people unwilling or unable to > do so > The Forums are an existing support mechanism - or at least they have been since at least 2004/5. What looks bad is when those managing the support channels have no clue when the security updates might appear or why they are delayed in the first place.