[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: reportbug: please inform security and lts teams about security update regressions

Hi Markus,

On Wed, Dec 13, 2017 at 01:34:05PM +0100, Markus Koschany wrote:
> Hi Salvatore,
> Am 12.12.2017 um 07:19 schrieb Salvatore Bonaccorso:
> [...]
> > I have made the above change now live/commited. The file is still thus
> > extensible and for futher (and future use). Thanks for your work on
> > that! (as a personal note on my side, would have prefered to get less
> > pressure).
> Sorry, I didn't want to put pressure on you. The email was just a
> declaration of intent to NMU reportbug in Wheezy and a last call for
> further suggestions. I haven't got a reply from Sandro yet. I filed
> #878088 on 9.10 and attached my initial patch, pinged the bug report
> again on 3.11, asked for feedback on both mailing lists on 28.11,
> incorporated requested changes in the following days and eventually send
> the final call on 10.12. I believe there was plenty of time to react. If
> there is anything to change we can always do that in a another revision.

Don't worry anymore. It was as well not about all the timeline, I'm
aware when you did the initial ping, but rather on the "we think it
needs a change on security tracker and want this information exposed
... I want to do the wheezy update next week"-part.

> +        if is_security_update and support != 'none':
> +            if support == 'lts':
> +                email_address = ['debian-lts@lists.debian.org']
> +            else:
> +                email_address = ['team@security.debian.org']
> +            listcc.extend(email_address)
> +

I did not had much time recently, so I'm a bit late. I would be nice
here if that follows as well the intention of the file with the
support field, that is (beware only "pseudcode"):

if is_security_update and support != 'none':
    if support == 'lts':
        email_address = ['debian-lts@lists.debian.org']
    elif support == 'security"
        email_address = ['team@security.debian.org']
        # nothing at at the moment, no more cases right now
that is, in case we add another support value (you remember there was
once testing-security? ;-)) this can be done.

I realize though you did now already upload the wheezy version, and
the unstable version as delayed, so guess we will need to leave it

Thanks for doing that work, let's see how it goes when we get reports.


Reply to: