[Secure-testing-team] Etch security bug hunting season opened
Neil McGovern
neilm at debian.org
Tue Aug 15 21:13:34 UTC 2006
On Mon, Aug 14, 2006 at 09:12:54PM +0200, Moritz Muehlenhoff wrote:
> I started to raise severities of several security bugs. Unfortunately
> many maintainers only care for these :-/
>
> Please also file bugs for code duplication (embedding a copy) and
> package duplication (needlessly introducing multiple versions in
> a stable release), with at least severity important and keep me
> posted. We really need to have Etch is a better security maintainability
> than the current Sarge situation.
>
Ok, I'll try and go through the list and start filing/raising priorities
of bugs as soon as I get a chance.
> And please also have an eye for packages, which are too buggy to
> release security-wise. Crap like oftpd, elog or mantis should never
> have entered the archive at the first glance.
>
Is it worth subscribing to the wnpp list, and either commenting or
veto-ing packages?
Cheers,
Neil
--
<Tincho> 'Maybe you can try to find a nice hotel by shouting in the Mexico DF
streets "where could a gringo find a decent hotel in this dirty third
world lame excuse for a country?". I'm sure the people will rush to help
you, as we south americans love to be called third world in a demeaning way.'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060815/3b138aea/attachment.pgp
More information about the Secure-testing-team
mailing list