Thanks, I agree that updating the FAQ would be good. The original question of how to proceed still stands. I sent the patch in my previous message; do you want me to upload it, or do you want to upload it? If I should do it, let me state for the record that I have no idea what I’m doing (I never uploaded to anything but unstable/experimental).
On Thu, Jun 1, 2017 at 9:34 AM, Salvatore Bonaccorso <car...@debian.org> wrote: > Hi > > On Thu, Jun 01, 2017 at 08:54:57AM +0200, Michael Stapelberg wrote: > > I got the idea from https://www.debian.org/security/faq#upload. Is the > FAQ > > outdated, or did I read it wrong? If the latter, please elaborate so that > > we can update the docs to be more clear. > > The idea behind that FAQ entry is to state that an upload should never > be done without first having an ack from the security team. The > dev-ref gives a broather view on how to handle security-issues, and > interact with the team: > > https://www.debian.org/doc/manuals/developers-reference/ > ch05.en.html#bug-security > > Maybe we should rephrase a bit the FAQ entry itself. > > Regards, > Salvatore > -- Best regards, Michael
