[Debian-ha-maintainers] Bug#843041: Clarification of conduct

[Ferenc Wágner]

               Hi Salvatore,

According to Pacemaker upstream, they sent forward notice about this
vulnerability to the Debian Security Team a couple of weeks before the
disclosure.  Did you get it?  I'm the primary maintainer of the
pacemaker package in Debian, but I only learnt about the issue from the
bug report you opened right after the disclosure.  It was no big deal
and stable wasn't affected, but I still wonder how these channels work.
Could you please provide some insight?
-- 
Thanks,
Feri