[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NMU rules for security fixes (was: DEP1: Clarifying policies and workflows for Non Maintainer Uploads)

On Sat, Apr 26, 2008 at 12:32 AM, Nico Golde <nico@ngolde.de> wrote:

>  What about introducing a special case regarding the waiting
>  period before uploading an NMU for security bugs? There are
>  often cases in which we already have a patch handy to fix a
>  security issue but still wait a few days on the maintainers
>  reaction.
>  The 0-day NMU rules at the moment are already
>  helpful here but I also consider 7 days of waiting period as
>  unacceptable for security fixes and not all maintainers are
>  on the Low-Treshold-NMU list.

I'd prefer the security team did not delay fixes at all by default.
Exceptions for specific maintainers, transitions or other reasons are
fine too of course.



Reply to: