[Secure-testing-team] updated poppler package
Michael Gilbert
michael.s.gilbert at gmail.com
Mon Feb 21 18:55:37 UTC 2011
On Mon, 21 Feb 2011 19:42:28 +0100, Moritz Mühlenhoff wrote:
> On Mon, Feb 21, 2011 at 01:28:32PM -0500, Michael Gilbert wrote:
> > On Mon, 21 Feb 2011 18:48:23 +0100, Thijs Kinkhorst wrote:
> > > On Monday 21 February 2011 18:01:32 Michael Gilbert wrote:
> > > > As a non-DD, I don't have an RT account, so I can't make use of that
> > > > infrastructure, and even though I can use the readonly guest account,
> > > > I haven't really been following it since I can't actually do anything.
> > >
> > > In any case you can file new requests there directly
> > > (http://wiki.debian.org/rt.debian.org#SecurityTeam).
> >
> > I didn't realize that I could submit issues without an account. I'll
> > try to see how well that works in the future. Although, I still think
> > that RT is too much of a barrier to entry. The debian BTS is just so
> > nice; especially with reportbug and other tools already in widespread
> > use.
>
> The RT has a different focus. It's purpose is to organise the work of
> releasing/preparing a DSA among us.
Right, and I think that's a very good thing. I just wish that process
were more approachable to outsiders, and I think the BTS is a much
better system for that.
It should even be possible to switch to the BTS for all preparation.
For the embargoed issues, just use a link to the RT ticket, and treat
the BTS entry as organizational only (no technical info).
I know I'm being a bit of a pain by pushing this alternative, but its
somewhat discouraging as an outsider having no ability to participate in
certain parts of the security process just because of the infrastructure
in use.
> It doesn't replace the Security Tracker.
This doesn't have to do with the security tracker itself. It's more
about the openness of DSA preparation tracking.
Best wishes,
Mike
More information about the Secure-testing-team
mailing list