On Tue, Apr 30, 2002 at 07:04:06PM +1000, Anthony Towns wrote: > Unfortunately, that's exactly where we've dropped the ball: the security > team presently don't have the resources to handle security advisories > for woody [0]. While there has been a plan in place for roughly a year > on how to handle this ("rbuilder", for those playing along at home), > it hasn't been successfully rolled out across more than a handful > of the architectures we wish to support, and it further doesn't seem > like trying to rush it now will be particularly effective. As such, > an alternate arrangement, involving some moderately significant changes > to the existing autobuilder system are being made, which should become > active over the next week or so. > Naturally, we will not be making the woody release until we have a viable > mechanism for making timely security updates. Are you (or the security team) able to give us more information about specifically which architectures rbuilder is still needed for? I can't recall any directed requests for assistance sent to either the port lists I follow or to debian-devel. I'm interested in making sure both that the ports I depend on will have security updates available, and that other ports have an opportunity to protect their interests as well. While I've heard it bemoaned that the porters aren't stepping forward to get rbuilder in place, no member of the security team that was on IRC when I inquired was able to tell me whether a particular port of interest even had an rbuilder setup. Clearly, getting the current autobuilders fixed up to handle the load should be the top priority; but it sounds like the /wish/ is for this to be a temporary solution. Steve Langasek postmodern programmer
Attachment:
pgpGT2VgHZkN0.pgp
Description: PGP signature