Re: Proposal/suggestion for security team w.r.t. published vulerabilities

To: debian-security@lists.debian.org
Subject: Re: Proposal/suggestion for security team w.r.t. published vulerabilities
From: Matt Zimmerman <mdz@debian.org>
Date: Sun, 18 Jul 2004 20:11:47 -0700
Message-id: <[🔎] 20040719031147.GZ4090@mizar.alcor.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20040706180636.GL9109@A-Eskwadraat.nl>
References: <[🔎] 20040706180636.GL9109@A-Eskwadraat.nl>

On Tue, Jul 06, 2004 at 08:06:36PM +0200, Jeroen van Wolffelaar wrote:

> Or is there some reason filing bugs like I described here isn't
> wanted?

As you have repeatedly confirmed, the security team is very busy.
Generally, if an issue doesn't affect stable, I don't track it at all.
If an issue does affect stable, then when I release an advisory, I check
the package in unstable and file a bug if necessary.

Some people help track bugs in unstable by watching for new vulnerabilities
in public databases, verifying whether the bug is present in unstable, and
filing a bug if so.  It would be great if you would help with these efforts.
You do not need any authorization or information from the security team in
order to do so.

-- 
 - mdz

Reply to:

Follow-Ups:
- Re: Proposal/suggestion for security team w.r.t. published vulerabilities
  - From: Bradley Alexander <storm@tux.org>

References:
- Proposal/suggestion for security team w.r.t. published vulerabilities
  - From: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>

Prev by Date: Ralf Oberhoffner/FRA/DIEHL-AVIONIK ist außer Haus.
Next by Date: Re: Proposal/suggestion for security team w.r.t. published vulerabilities
Previous by thread: Re: Proposal/suggestion for security team w.r.t. published vulerabilities
Next by thread: Re: Proposal/suggestion for security team w.r.t. published vulerabilities
Index(es):
- Date
- Thread