Re: handling open security problems in woody with the BTS (here: the kernel)[was: Re: Bug#176178 acknowledged by developer (do not reopen)]
On Sun, Apr 06, 2003 at 01:25:12PM +0200, Noèl Köthe wrote:
> I know the maintainer cannot do anything and have to wait for a DSA or
> for the next 3.0rX Debian version where the stable release manager will
> add a fixing package to Debian but these are the only possible ways how
> to fix a woody taged bug.
As far as I know the maintainer can do lots of things to help to get
out a DSA for his package like providing patches for the security team,
building/testing it on a stable machine and writing the actual DSA
including the relevant CVE/CERT Ids and forward it to the security team.