[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: STABLE: Please review madwifi_0.9.2+r1842.20061207-2etch1

On Sun, Jun 10, 2007 at 06:14:48PM +0200, Julien Danjou wrote:
> At 1181466754 time_t, Lo??c Minier wrote:
> >         Hey,
> > 
> >  I've uploaded madwifi_0.9.2+r1842.20061207-2etch1 prepared by Kel
> >  Modderman with the attached interdiff; it contains security fixes.
> >  Please review and accept.
> Why is this not handled by security team?

They've asked the security team a number of times for an
update. Though the security team may have never formally said 'no' for
this one, I have seen members assert before that non-free updates need
to go through SRM. In lieu of a formal response from the security team
(I was not a member then), I sent the madwifi maintainers the
following response last time they asked:

On Thu, May 24, 2007 at 11:13:47AM -0600, dann frazier wrote:
> hey Kel,
>  I've seen other people on the security team suggest that non-free
> updates go in via a stable update. In which case, I suggest forwarding
> this onto debian-release as described here:
>  http://lists.debian.org/debian-devel-announce/2007/04/msg00005.html

Of course, the security FAQ suggests that the security team *would*
normally release advisories for non-free stuff, if someone else does
the rest of the work:

I'm now on the security team and I don't mind doing this advisory,
assuming there's no objections from the security team - nor do I have
any objections about introducing these fixes via stable instead.

dann frazier

Reply to: