Re: Bits from the Security Team
On Sun, Mar 09, 2008 at 11:05:11PM +0100, Moritz Muehlenhoff wrote:
> The Security Team is now using Request Tracker to coordinate work
> and our RT processes have already been refined a lot.
> If you're a package maintainer working towards a security update,
> you're now encouraged to open a ticket directly. You will be kept in
> CC during the life time of the ticket. If you're opening a ticket for
> a security problem, which is not yet publicly known, e.g. if you've
> discovered it by yourself or if you have been contacted by upstream,
> please open a ticket in the "Security - Private" queue. These
> issues will only be visible by the Security Team.
Should the RT also be used for breackage caused by a security update?
E.g. Icedove is pretty broken since the last update:
Is the security team interested in this kind of information our should
this be handled by the maintainer?