On Mon, 30 Jul 2007, Tim Hull wrote:
In the case of Iceweasel, stable already has 2.0.0.5, as this was a security update. There is supposed to be a testing security team, but evidently they haven't gotten around to the Iceweasel fix. Honestly, it is a bit weird - but a fact of the release system - that testing is actually *behind* stable in the particular case.Isn't this why the testing security team was formed, to address situations where there needs to be security fixes for testing like this? Is it still operational? If so, I'm just curious if they need help, as this is one area that could improve desktop usage - having a "testing" distribution that can reasonably be used (which includes security fixes).
We are definitely short on man-power, both for checking which vulnerabilities affect Debian (non-DDs ok) and for preparing and uploading fixes to testing security (DDs required). Help would be appreciated.
I have been putting off the ice* and xulrunner uploads so far, because I have tried to get a way to copy uploads from stable-security to testing-security, instead. This would save a lot of work where the version in stable and testing are still the same. Unfortunately, I have not been successful, yet.
But I agree that the situation with ice* and xulrunner is bad, and I will hopefully find some time to make uploads soon.
Cheers, Stefan