[Secure-testing-team] security support after lenny release

[Stefan Fritsch]

Hi,

WRT the paragraph I added to the bits mail. Directly after etch's 
release, security support of lenny didn't work.

For this to not happen again, we would need

- working buildds. I talked with zobel about this. Hopefully 
wannabuild/sbuild/whatever will be changed to use stable+testing 
instead of code names. In the current state, the buildd chroots must 
be manually recreated after a stable release. After etch release it 
took three weeks to have all buildds working again.

- a way to copy releases from stable-security to testing-security 
(#446394), since many packages will be blocked from migration.

If we don't get these two, we should drop security support for testing 
for 2 months after a stable release. This might even make sense in 
any case, since there is nearly no advantage in running testing so 
shortly after a stable release.

This is not really a current problem, but since many people complained 
about the bad security support of lenny after etch's release, I think 
it would be good to mention it in the announcement mail.

Cheers,
Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20071013/f791b046/attachment.pgp