Hi,
On Tue, 01 Dec 2015, Thorsten Alteholz wrote:
> Just for the record, OverrideMaintainer in config/debian-security/dak.conf
> is not meant to inform the security team about security uploads. It is
> rather intended for preventing information leakage. In case the maintainer
> is a mailing list, for example accept mails might contain information that
> are not supposed to be published before an embargo ends.
Yes, I understood that. But it's also useless if we have a setting that
controls who gets accept/reject mails.
That said ansgar told us to review if there are other code paths that
could send mails to maintainers that are not covered by the change we
made here. This needs to be double checked.
A quick grep certainly shows other uses of that parameter but some of it
in dead code apparently (update_subst() in daklib/queue.py which contains
a "raise Exception('to be removed')").
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
