[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bad press related to (missing) Debian security - action

[Alvin Oga]
> i don't want any handholding ... other than access the the resources
> and info and/or question answer ..
> 	- in my case, i'd like to create test-sec.debian.org
> 	for which i cannot do anything about it unless i do get
> 	some handholding and it's purpse to supplement the security
> 	patches that i see is lacking in "testing"
> 	( 2 or 3 months behind current releases is too far back for me )

Everybody have access to the resources used by the testing security
team.  If you start submitting updates there, I am sure your effort
will have positive effect.  There is no reason for you to wait for a
debian.org domain name.  If you want a new APT repository, you can
create it anywhere, and if it proves to be a good idea it can be made
available as test-sec.debian.org or something similar some time in the

The information about the testing security team is available from
<URL:http://secure-testing.alioth.debian.org/>, and the subversion
repository used to track security issues is publicly available.  Patch
submission into BTS can be done by anyone, and NMUs can be prepared by
anyone for review and upload by any Debian developer.  I am convinced
several of the Debian developers in the testing security team are
willing to do uploads.  And, when the issue is completely investigated
and the patch is available, the work left for the stable security team
will be much reduced. :)

So, no need to wait, just go ahead.

Reply to: