[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bad press again...



also sprach Petter Reinholdtsen <pere@hungry.com> [2005.08.27.2255 +0200]:
> I've been told that the current stable security team consist of one
> person doing the work, Martin Schulze.  If this "team" do not want new
> members, something strange is afoot.

At least one other member is working actively. However, uploads and
announcements still have to go through Joey, and from what I learnt,
the workflow processes in the team are archaic yet Joey doesn't want
to divert from them.

Note: this is all hearsay and may well be wrong. I'd love for Joey
to step in and give us the complete picture.

> And prospective security team members should start working in the
> testing security team.  There are no need to keep secrets (all is done
> in public),

Which doesn't address the problem that embargoed bugs are possibly
handled suboptimally in Debian.

And it does not address the problem that our security infrastructure
went down for a while and we found out about it from a German news
magazine.

-- 
Please do not send copies of list mail to me; I read the list!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer and author: http://debiansystem.info
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP (sub)keys? Use subkeys.pgp.net as keyserver!
 
"be the change you want to see in the world"
                                                     -- mahatma gandhi

Attachment: signature.asc
Description: Digital signature (GPG/PGP)


Reply to: