As you guys probably know by now, we have a patch for a critical security vuln. Although it was disclosed publicly, the packagers were notified on the kde-packager list today and we're giving packagers a couple of days to roll new packages (Monday is a holiday here in the US).
However, the security policy says to contact the release coordinators in the event of a situation where an immediate fix is necessary. I'm not sure whether this is simply so one of you guys can put it out on kde-announce or whether it's because we're supposed to roll new, patched tarballs. So consider this my notification to you guys that whatever it is that is supposed to be done needs to start getting done :-) Sorry to be vague, but I'll answer any direct questions if possible. --Jeff
signature.asc
Description: OpenPGP digital signature
_______________________________________________ release-team mailing list [email protected] https://mail.kde.org/mailman/listinfo/release-team
