Re: Severity of security holes (was: Should (not) Bug#22941...)

[Brian White <bcwhite@verisim.com>]

> Mmm, well: Will you make a list of them, at least, so that they
> are upgraded to "important" again after hamm release?

If they're not "important" now, why would they become "important" in
the future?

This wasn't a temporary thing.  It was sitting back and taking a look at
how things were classified to see if that was reasonable.  My conclusion
was that it was not reasonable and thus was changed.


> I dislike your idea of downgrading a bug just "to be able to release
> hamm". Would not be better to know which important bugs have to be fixed,
> even if they do not delay the release? How will we know then that a fix is
> still allowed in hamm if they are not "important"?

Being able to release hamm was what caused me to sit back and take another
look at it.  They weren't changed just "to be able to release hamm".

I read the changelog file.  If the gains outweigh the risks (in my
opinion), then I put it in.

                                          Brian
                                 ( bcwhite@verisim.com )

-------------------------------------------------------------------------------
Debian GNU/Linux!  Search it at  http://insite.verisim.com/search/debian/simple


--  
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org