Re: [Openstack-devel] New proposed-updates diff: keystone 2012.1.1-13+wheezy1
On Fri May 10 2013 01:25:04 PM CST, Adam D. Barratt <adam@adam-barratt.org.uk> wrote:
> On Fri, 2013-05-10 at 13:19 +0800, Thomas Goirand wrote:
> > On Fri May 10 2013 01:05:55 PM CST, Adam D. Barratt
> > <adam@adam-barratt.org.uk> wrote:
> > > Was this upload discussed with anyone on the release team beforehand?
> >
> > With the release team no, with the security team,
> > yes (with Luciano).
>
> The security team aren't responsible for the management of
> proposed-updates; they can tell you that they're not planning on
> handling an issue via a DSA, but that just means that you should follow
> the usual procedure for a stable update.
Thanks for your very fast reply.
Hum... I am confused now...
In the past, I have uploaded some security updates
through stable-proposed-updates. Are you saying
that this is the wrong thing to do? If so, you
should IMO discuss that with the security team, as
it seemed to me that this was part of the procedure
so that they could check for the upload before
moving it to security.d.o. I do beleive that a DSA
is planned (and if it not, then we should).
Your thoughts? What should I do next?
Thomas
p.s: I added the security team in the loop, lets see
what they say.
Reply to: