[Secure-testing-team] Security update for fuse
Joey Hess
joeyh at debian.org
Thu Jun 9 02:33:40 UTC 2005
Steve Langasek wrote:
> Well, I recall that there were precisely zero instances in which the
> secure-testing team used the testing-security queue during sarge's
> preparation (related of course to the fact that only the security team has
> access to those queues); so after all, why should this be a priority?
I used the t-p-u queue multiple times for testing-security work. I
didn't see a distinction between that queue and the testing-security
queue that would make me choose one over the other.
I'd be happy to have either for etch.
> excellent work the secure-testing team has done during sarge's preparation
> seems to have depended on the proper working of the testing-security queue
> not at all.
About 50% of all security holes in testing at any given time for the
past 6 months have been held up by issues that can be entirely worked
around by the t-s queue. Some of those issues can be avoided in other
ways, but having a t-s queue will allow us to be assured that we can
make security fixes availale for testing in the timeframe we choose.
--
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050608/95819a6f/attachment.pgp
More information about the Secure-testing-team
mailing list