Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
On Tue, Aug 27, 2013 at 4:50 PM, Pau Garcia i Quiles wrote:
> On Tue, Aug 27, 2013 at 7:18 PM, Russ Allbery wrote:
>> > IMHO the Security Team should not act as fixers themselves but more as
>> > proxies, passing information about a security issue to the maintainer of
>> > the package.
>> And what happens then if the maintainer doesn't respond?
> Then, and only then, as a last resort, the Security Team / LTS Team takes
> care of the problem
I'm pretty sure that this is a kind of wishful thinking. History has
shown that people in debian will not tolerate being told what to do.
If you want an itch scratched, you simply have to scratch it yourself.
If you're interested in improving debian security, please become a contributor: