Long term improvement to Debian's security and LTS
Hello everybody,
with the current LTS funding level and the somewhat limited scope of squeeze,
and until the LTS team takes care of wheezy, we are likely to have some
spare hours to invest into improving the long-term state of Debian LTS.
That is instead of only taking care of providing security fixes we could
work a few hours on:
- improving the security infrastructure
- adding DEP-8 tests to packages with regular security updates
- work on security features targeting stretch packages
- work on stretch to make sure it can be supported over 5 years
(trying to identify packages which are too old/unsupported)
- whatever else you might think to be relevant
Note that https://www.freexian.com/services/debian-lts-details.html stated
since the start of the funding initiative that:
“Any surplus will be used to improve the security in Debian in
coordination with the Debian Security Team. For example, we could invest
in a better infrastructure that would also benefit the standard security
support, or we could work on proactive measures like adding automated
tests to avoid regressions on packages that are regularly updated with
security fixes. Another possibility is to work on additional security
hardening.”
Thus I'm putting the Debian security team in copy because I want their
input on what paid contributors should work towards.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Reply to: