FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 04-16-2008, 11:55 AM
"Andrea De Iacovo"
 
Default How to manage security issues when the maintainer is not the developer

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all.

How do you think a maintainer should manage security issues when he is
not the package developer? Should he/she either work alone to make
patches or wait for the upstream patches/relases that solve the bug?

Andrea De Iacovo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIBejnMXahCK22/rwRAhl3AJ9/rP8FFSVqvz1+8bQu1PZHCLGjGQCfZQJ7
zCofl8Z64XpvIRBQklhQ3gQ=
=WToO
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-16-2008, 12:01 PM
Mark Brown
 
Default How to manage security issues when the maintainer is not the developer

On Wed, Apr 16, 2008 at 01:55:51PM +0200, Andrea De Iacovo wrote:

> How do you think a maintainer should manage security issues when he is
> not the package developer? Should he/she either work alone to make
> patches or wait for the upstream patches/relases that solve the bug?

As ever, the best thing tends to be to work with upstream. If the issue
is an upstream one then upstream really needs to be involved in getting
the fix released.

--
"You grabbed my hand and we fell into it, like a daydream - or a fever."


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 12:17 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org