Package: debtags
Severity: normal
Please add support for the following tags, as discussed during
DebConf in Edinburgh:
* [etch|lenny]-security-unsupported to flag that a source package has no
support by the Security Team. It should be distribution-specific to
allow revoking support for individual suites, as it was necessary for
Mozilla in Sarge.
* security-local-use-only (or something similar, I'm unsure about the exact
naming), to indicate that security support only applies to local, trusted
users.
An example: SQL-Ledger has a horrible security track record, so we only
support to run it behind an authenticated HTTP zone. It's still a useful
software and limiting support is a viable choice; doing accounting carries
a whole lot of implicit trust anyway.
Once implemented in debtags we need support in apt, etc.
If you have any questions, please come back to me. I'm also available
on #debian-security
Cheers,
Moritz
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-1-686 (SMP w/1 CPU core)
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
