On Sun, Feb 20, 2011 at 04:52:47PM -0500, R P Herrold wrote: > On Sun, 20 Feb 2011, Jeff Johnson wrote: > > > CentOS may have lost 1 of its vendor-sec representatioves, > > but its a role that can be re-filled. > > Not sure what is meant there, but the vendor-sec process has > been relatively quiet of late. Some updates ... thinking here > of the recent OpenJDK set ... never passed on that list as to > a co-ordinated release date. The real problem in CentOS' > presence there is that as the project intentionally 'chases > the tail-lights' to follow the upstream, warts and all, we > rarely have anything to offer in the vendor-sec list The time to exchange on security issues is for sure much higher than the efford to recompile rpms again for CentOS. I think having CentOS presence there is still the right thing as the whole point of vendor-sec is to build a small group where information is shared, knowing that most people more read from this than actually contribute. best regards, Florian La Roche