[Secure-testing-commits] r24545 - org
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Dec 3 21:07:43 UTC 2013
Author: jmm
Date: 2013-12-03 21:07:42 +0000 (Tue, 03 Dec 2013)
New Revision: 24545
Added:
org/agenda-2014.txt
Log:
initial agenda bits
Added: org/agenda-2014.txt
===================================================================
--- org/agenda-2014.txt (rev 0)
+++ org/agenda-2014.txt 2013-12-03 21:07:42 UTC (rev 24545)
@@ -0,0 +1,64 @@
+
+Agenda for Security Team Meeting
+
+
+
+Workflow
+========
+
+- Opening up the security process further to allow maintainers of packages with
+ frequent issues to release updates themselves
+ - Updates need to be reviewed/acked by sec team members
+ - Requires changes to dak to no longer require access to security-master, e.g.
+ by using a mechanism similar to allowing a DM to upload and sendingk error
+ messages to the signer of the upload (already requested by Thijs)
+ - Requires changes to debian-security-announce
+
+- Is dsa-needed an improvement? What shall we do with embargoed issues?
+
+- Ditch RT?
+
+- Draft new people, possible candidates
+
+Archive tools
+=============
+
+- Compile a list of issues we want to see fixed
+
+- Do we really need the embargo queue? This would simplify dak/FTP situations immensely.
+
+
+Tracker
+=======
+
+- Add a new status to differentiate between "no-dsa, if the maintainer wants
+ to fix in a point update go ahead" and "no-dsa, was ignored because it's
+ possible to backport".
+
+- Automatic weekly status on open issues sent to maintainers (catches
+ issues which fell through the cracks, like CVE-2013-2236)
+
+- Check open bugs in the BTS, check bugs against security-tracker pseudo package
+
+- Migrate to git?
+
+Documentation
+=============
+
+- Work on proper documentation how people can contribute
+
+
+Others
+======
+
+- d-d-a mail for file collecting willing testers for exotic setups
+
+- Compile a list of test instructions for key packages
+
+
+LTS
+===
+
+- Setup and organisation
+
+- Gather a specific list of people interested in contributing (e.g. credative already stepped forward)
\ No newline at end of file
More information about the Secure-testing-commits
mailing list