
Re: Bug#652653: python-virtualenv: insecure /tmp file handling



Hi,
* Adam D. Barratt <adam@adam-barratt.org.uk> [2011-12-20 21:22]:
> On Tue, 2011-12-20 at 09:44 +0100, Piotr Ożarowski wrote:
[...] 
> > > that's an admirable turn-around :-) it really should have been discussed
> > > with the SRMs first, rather than simply uploading (I believe this is
> > > well documented enough by now - if not, please point out where and how
> > > we could make it clearer).
> > 
> > ups, I assumed someone from SRMs is in the thread
> 
> If the thread involved the security team saying "please fix this via
> proposed-updates", there's an implied "by talking to the release team"
> attached.  We're generally not involved in such discussions until after
> the security team have decided they don't want to issue a DSA for a
> particular issue and someone raises it with us.

We will not issue a DSA for this vulnerability. Please go ahead and fix this 
through spu.

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
