On Tue, Aug 10, 2010 at 10:56:44AM +0000, Helmut Schneider wrote: > in the past I created a few PRs with patches for important security > updates for typo3. Unfortunately they all timed out. > > What is the time GNATS is waiting for feedback of the maintainer?
It's 14 days for a normal update or bugfix. For security problems, that doesn't matter: they should be fixed as soon as possible. If the security problem is not serious, I think it's fair to notify the maintainer before the commit; otherwise, it can go in immediately. > Does it make a difference if importance and/or severity are raised? No, not really. The values of these have been so over-set in GNATS that the only people that notice them are the bugbusting team. I try to keep the Severity=critical ones in order, but everything else is meaningless. > IMHO it is a problem if important security fixes are approved only > after a 14-day-or-more timeout. Are there mechanisms to avoid such a > delay? a) you can try adding "[security]" to the Synopsis line; this may help make it more visible. b) I will email the maintainer and ask if he is willing to transfer maintainership to you. In general, if people are having problems with how individual ports are maintained, they should email port...@freebsd.org and bring it to our attention directly. Thanks. mcl _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
