[Secure-testing-team] Vulnerability impact on issues

Nico Golde debian-secure-testing+ml at ngolde.de
Fri Oct 30 17:39:33 UTC 2009


Hi,
* Steffen Joeris <steffen.joeris at skolelinux.de> [2009-10-30 10:22]:
> On Thu, 29 Oct 2009 08:15:41 am Moritz Muehlenhoff wrote:
> > On Wed, Oct 28, 2009 at 02:58:28PM -0600, Raphael Geissert wrote:
> > > Moritz Muehlenhoff wrote:
> > > > Or let's simply get rid of them at all.
> > >
> > > Keeping it would allow us (and others) to see what and how should issues
> > > be prioritised.
> > 
> > It's done by current practice; if it's important people work on it, if not
> > it's postponed. I don't see it providing any use at all.
> I am with Moritz here, if an issue is in serious need of fixing, it usually 
> gets an RT ticket in one of the security queues (and quite often the first 
> person that spots it and has the needed spare time fixes it).

About the RT ticket I have to disagree, this is still not wideley used, even I 
don't use it all the time (yeah shame on me :) And it still helps people who 
have no yet dived into the specific issue to get an idea of what to look at in 
case they want to do something.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20091030/e86cd5d4/attachment.pgp>


More information about the Secure-testing-team mailing list