[Secure-testing-team] Security update for fuse
Andrew Pollock
apollock at debian.org
Wed Jun 8 21:20:37 UTC 2005
On Wed, Jun 08, 2005 at 10:27:10AM -0500, Micah Anderson wrote:
> On Wed, 08 Jun 2005, Andrew Pollock wrote:
> >
> > I think the biggest misnomer with testing-security is its name. Think of it
> > as sarge-security. This is why it was a blocker for the release - we needed
>
> I disagree. The original intention of the secure-testing-team was not
> to be a temporary organization that went away when sarge released.
> Before sarge released it could have been viewed as "sarge-security" as
> sarge was "testing", but now that release has happened,
> "sarge-security" is in the hands of the "Secutiry Team".
Don't get me wrong, I'm talking about testing-security the infrastructure,
not testing-security the team.
> Now that sarge has released, this group is going to continue on in the
> vein that Joey Hess outlined in the section of his email[1] titled
> "Work after sarge's release". Most notably, "to start regular security
> updates for testing". Testing meaning testing, not sarge. It *was*
> sarge a few days ago, but it is no longer.
>
> 1. http://lists.debian.org/debian-security/2004/10/msg00166.html
Sure. So the first thing we need to be lobbying for is new security
infrastructure for testing. Whether the rest of the project decides this is
a priority remains to be seen though, right?
regards
Andrew
More information about the Secure-testing-team
mailing list