MOTU Application

Stefan Potyra sistpoty at ubuntu.com
Thu Aug 30 00:05:34 BST 2007 

Hi Mathias,

Am Mittwoch 29 August 2007 21:30:44 schrieb Mathias Gug:
> Hi Stefan,
>
> On Sun, Aug 26, 2007 at 02:32:06PM +0200, Stefan Potyra wrote:
> > looking at your packages, most of these are in main. So I'm
> > interested: Do you have any special goals for universe planned?
>
> I plan to help with review and sponsoring of server related packages. As
> I have a general interest in server related packages, I'll help
> new team members to package softwares that could increase the number of
> features for Ubuntu Server.
>
> There are a couple of packages in universe (such as tomcat, drupal or
> libpam-krb5) that should be looked after as they are used by
> ubuntu-server users. I'd like to improve their quality by fixing bugs or
> mentoring potential contributors.

Great!

>
> > Since you're a member of the ubuntu-server team, I've got the following
> > question: Quite a lot of packages, that are server related (e.g.
> > wordpress, python-django etc.) are in universe. Also, we once founded a
> > security team for universe, there isn't too much activity there which
> > means that security bugs don't get triaged/fixed. What do you think
> > should be done to improve this situation? What could you do to help out?
>
> A lot of ubuntu-server users are using packages from universe. So I'd like
> to contribute to the security tracking of server related packages. First a
> small list of server related packages should be established.  Second,
> ubuntu-server users are using the packages to build professional
> platforms and services (I know that one of the regular ubuntu-server
> contributor runs a drupal based company). I think it could be worth
> asking these regular users to be part of the security process. Usually
> they are aware of upstream security vulnerabilities and could notify the
> security team members. They can also help identify which patches should
> be applied and may even be involved in packaging the security updates.
> There are different points in the process where they could be involved
> and I'd like to help them participating in it. I'd also be directly
> involved in the packaging effort to release security updates for
> server-related packages.

Sounds great as well!

So here's another question from me: I remember a problem, when the split of 
gs-esp to gs-esp-x and gs-esp for ubuntu-server had caused a number of bugs 
on other packages in the archive. Especially it was not known back then, 
which other packages were even affected by that split. While I don't want to 
blame anyone here (I only remember that very bug right now, because I was 
affected as a user myself), it shows a problem that arises with different 
groups focussing on different goals: Hence I wonder what your opinion is on 
the following: Is it reasonable for a specific goal to break a number of 
packages from a "lower priority" archive such as universe? Also, what do you 
think would be the best approach to alleviate the results of such a breakage?

Cheers,
   Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ubuntu.com/archives/motu-council/attachments/20070830/2608389d/attachment.pgp

More information about the Motu-council mailing list