MotU Security bug filing / Malone questions
Daniel Holbach
daniel.holbach at ubuntu.com
Wed Dec 7 07:22:31 GMT 2005
Hello Piotr,
Am Mittwoch, den 07.12.2005, 07:51 +0100 schrieb Shot - Piotr
Szotkowski:
> What is the proper way to file security-related bugs on universe
> packages? I filed #5297 (recent Trac vulnerabilities fixed in Debian)
> on December 2nd, and I see Daniel Holbach assigned the bug the next day,
> but now I'm wondering whether I can do anything more about it or will
> the bug get it's share of security love in due time.
thanks for taking so much care of this and posting it to the list, you
clearly identified a bug in our processes.
What do you all think about forming a security team? As I envision it,
its members wouldn't have to be security experts per se, but get working
on those issues as soon as they happen. Often enough Debian and/or
Upstream are quick enough to fix it and we just have to make sure, we
follow up.
I'd highly appreciate it, if a lot of us would volunteer for this.
Opinions? Who starts the team?
Have a nice day,
Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.ubuntu.com/archives/ubuntu-motu/attachments/20051207/554ace9f/attachment.pgp
More information about the Ubuntu-motu
mailing list