On Tue, Dec 07, 2021 at 02:13:46PM +0100, Ondřej Holý wrote: > Hi all, > > do you have any idea why CVE bugs are being filed for Fedora EPEL > product in the case of the freerdp component > (https://src.fedoraproject.org/rpms/freerdp) when there aren't any > builds for epel7, or epel8? What needs to be done to avoid that, or is > this a normal approach for other components as well? Should I close > them as WONTFIX, or what is the expected workflow here?
Huh. Weird. I guess I'd say slow them WONTFIX and also mail whoever opened them asking why there were epel bugs filed? Or you could mail secalert AT redhat.com and ask them? I would expect no epel bugs in cases where there are no epel branches. kevin
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
