[Secure-testing-team] [pkg-horde] Security Management for Horde packages
Gregory Colpart
reg at evolix.fr
Thu Feb 7 19:56:15 UTC 2008
On Thu, Feb 07, 2008 at 07:57:56PM +0100, Nico Golde wrote:
> >
> > > Why not just sending a mail to the vendor-sec list?
> >
> > Because Gregory and Ola are not on that mailing list, and can't be,
>
> You can still be put in the CC though....
>
> > because not member of the Debian security teams? And having the
> > maintainers in the loop is a Good Thing (tm)?
>
> Writing to vendor-sec should be the correct solution at
> least that's what vendor-sec is exactly for, the vendors
> will get the problem, discuss patches and fix with
> upstream developers and other vendors...
I request that vendor-sec list will be subscribe to Horde vendor
list. Then Debian stable security team will have the informations
via vendor-sec and Debian maintainers also via horde-vendor.
Regards,
--
Gregory Colpart <reg at evolix.fr> GnuPG:1024D/C1027A0E
Evolix - Informatique et Logiciels Libres http://www.evolix.fr/
More information about the Secure-testing-team
mailing list