[CentOS-devel] progress?

Wed Feb 23 12:39:16 UTC 2011
Florian La Roche <Florian.LaRoche at gmx.net>

On Sun, Feb 20, 2011 at 04:52:47PM -0500, R P Herrold wrote:
> On Sun, 20 Feb 2011, Jeff Johnson wrote:
> > CentOS may have lost 1 of its vendor-sec representatioves, 
> > but its a role that can be re-filled.
> Not sure what is meant there, but the vendor-sec process has 
> been relatively quiet of late.  Some updates ... thinking here 
> of the recent OpenJDK set ... never passed on that list as to 
> a co-ordinated release date. The real problem in CentOS' 
> presence there is that as the project intentionally 'chases 
> the tail-lights' to follow the upstream, warts and all, we 
> rarely have anything to offer in the vendor-sec list

The time to exchange on security issues is for sure much higher
than the efford to recompile rpms again for CentOS.

I think having CentOS presence there is still the right thing
as the whole point of vendor-sec is to build a small group where
information is shared, knowing that most people more read from this
than actually contribute.

best regards,

Florian La Roche