The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: security (was: Re: developer criteria)

I agree with Bruce, we should not wait for the package maintainer to
respond to a security fix.

Non-maintainer releases for security fixes are quite easy to do and
completely unproblematic.

I propose that security problems get reported to debian-private as
before.  Either the package maintainer, or one of the security experts
group that I think we need, or a roving troubleshooter (we need some
of these too), would post to debian-private saying `I shall do this'
immediately just before starting work.  The first person to post in
this way gets the job.

The package maintainer can issue their own fix later or not as they
wish.

Ian.


--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com