[Secure-testing-team] Security update for fuse

Micah Anderson micah at debian.org
Wed Jun 8 15:27:10 UTC 2005 

On Wed, 08 Jun 2005, Andrew Pollock wrote:

> On Tue, Jun 07, 2005 at 10:39:41PM -0500, Micah Anderson wrote:
> > On Mon, 06 Jun 2005, Joey Hess wrote:
> > 
> > > Micah Anderson wrote:
> > > > Additionally, should testing-security provide security notices (such
> > > > as DSA's)? If so, how would this work?
> > > 
> > > I believe that we should do this, but have been waiting for the release
> > > of sarge for it, since I'm not sure if we can do something to get the
> > > testing-security (and/or testing-proposed-updates) queues to remain
> > > functional after sarge is released, to get packages built against etch.
> > 
> > It seems as if testing-security has been renamed to stable-security,
> > so this queue is out. Also, from what I understand britney hasn't been
> > reenabled yet for etch, and since the release is so recent, this is
> > probably not people's highest priority. Maybe I'm a sarge
> > party-pooper, but I would rather not find out a month from now that
> > these queues were destroyed because nobody thought they were useful to
> > keep around anymore, but from what I've been able to find out -- there
> > simply aren't any.
> 
> I think the biggest misnomer with testing-security is its name. Think of it
> as sarge-security. This is why it was a blocker for the release - we needed

I disagree. The original intention of the secure-testing-team was not
to be a temporary organization that went away when sarge released.
Before sarge released it could have been viewed as "sarge-security" as
sarge was "testing", but now that release has happened,
"sarge-security" is in the hands of the "Secutiry Team". 

Now that sarge has released, this group is going to continue on in the
vein that Joey Hess outlined in the section of his email[1] titled
"Work after sarge's release". Most notably, "to start regular security
updates for testing". Testing meaning testing, not sarge. It *was*
sarge a few days ago, but it is no longer.

1. http://lists.debian.org/debian-security/2004/10/msg00166.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050608/da3f3295/attachment.pgp

More information about the Secure-testing-team mailing list