Am 04.05.2016 um 12:46 schrieb Marcus Meissner:
On Wed, May 04, 2016 at 12:11:50PM +0200, Daniel Bauer wrote:
Am 04.05.2016 um 12:02 schrieb Marcus Meissner:
... We can only build un-embargoed software in the OBS, so we got submits there yesterday after the issue went public. ...
This awakens my interest. Can you tell what embargoes exist?
For various security issues (not all of them) the SUSE Security Team gets heads up notifications some days before the public release of such incidents.
The term in use is "responsible disclosure".
https://en.wikipedia.org/wiki/Responsible_disclosure
The idea is that updates can be prepared and then released on time, as this process takes some days usually.
With the open nature of openSUSE it is more difficult to prepare updates before hand.
OBS has the concept of read protection, but mistakes could be made during processing and then the information would leak and we would not be getting heads up information anymore.
Ciao, Marcus
Seems reasonable to me. Thanks for the clarification. Daniel -- Daniel Bauer photographer Basel Barcelona http://www.daniel-bauer.com room in Barcelona: https://www.airbnb.es/rooms/2416137 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org