[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: eglibc update for GHOST CVE-2015-0235


On 28/01/15 at 11:13 +0100, Holger Levsen wrote:
> Hi,
> On Mittwoch, 28. Januar 2015, Raphael Hertzog wrote:
> > Of course we do! That said the current LTS team doesn't have access
> > to embargoed information and thus nobody prepared the update in advance.
> Lucas now contacted me about this and he said he would try to start with some 
> informal discussions at FOSDEM about how to solve this. To accellerate this a 
> bit I've put him and the security team in cc: - as we both agreed an email 
> discussion first is also good. "Whatever works."

Yes, I was wondering how we could improve on the current status for the
handling of medium/high-severity issues, and I'm interested in the
Debian security team's opinion about that.

Should the Debian LTS team apply to join the linux-distros list as a
separate entity? Wouldn't the fact that 'Debian LTS team' is not as
strictly defined in terms of membership as e.g. 'Debian security team'
be a problem?

Should people interested in LTS join the Debian security team, to focus
more specifically on preparing LTS updates for embargoed issues (without
sharing them with the rest of the LTS team, which would break the
embargo)? How would that be welcomed by the Debian security team?


Attachment: signature.asc
Description: Digital signature

Reply to: