Date: Wed, 22 Apr 2009 14:30:49 +0100 From: Shaun Amott <shaun@FreeBSD.org> To: Mark Foster <mark@foster.cc> Cc: freebsd-ports@FreeBSD.org Subject: Re: ports/132800: vuxml submission for net-im/ejabberd Message-ID: <20090422133048.GA85102@charon.picobyte.net> In-Reply-To: <49E8A264.7000001@foster.cc> References: <49E8A264.7000001@foster.cc>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 17, 2009 at 08:38:12AM -0700, Mark Foster wrote: > > I'm following up regarding this apparent maintainer timeout. It's not my > intention to place blame, but to me it is unacceptable that important > security (vuxml) updates are sometimes blocked by unresponsive > maintainers. It is not in the best interest of the users or FreeBSD to > let these things slip. > > The vuxml updates should be reviewed & committed without waiting on the > maintainer of the port. Perhaps a simple non-blocking heads-up (Cc:) to > the maintainer is more appropriate. Once publicized, the security > notifications (via portaudit) become known to a wider, targetted > audience. This establishes an important feedback loop as opposed to > keeping the problem a "secret", since the users are more likely to > either nudge the maintainer for an update to the port or submit one (via > send-pr) themselves. > Sorry about this - I forgot about this particular PR. VuXML entries often do get fast-tracked if they are particularly serious. In fact, I'm not sure the usual maintainer timeout even applies. However, I do think maintainers should be consulted, as it is not always clear if a bug affects the FreeBSD build of a given piece of software; sometimes the issue may even have been patched already in a port. -- Shaun Amott // PGP: 0x6B387A9A "A foolish consistency is the hobgoblin of little minds." - Ralph Waldo Emerson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090422133048.GA85102>