Re: lts-cve-triage.py: patch to check no-dsa tags in already triaged issues

[Raphael Hertzog <hertzog@debian.org>]

On Tue, 25 Aug 2015, Santiago Ruano Rincón wrote:
> > Thus it would be better if we fixed packages listed in dla-needed.txt
> > even if the security team tagged the same issues as no-dsa afterwards.
> > 
> > What do you think?
> 
> I don't know. Is the no-dsa tag aimed to prioritize tasks or to avoid to
> upload unworthy changes, especially on important packages?

In general, I understand the "no-dsa" tag as, "would be nice to fix, but
issue is not important enough to justifiy the workload it would impose on the
security team".

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/