diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2013-12-03 21:07:42 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2013-12-03 21:07:42 +0000 |
commit | 6b79062051c39ee98b22b21de3db71259ccf7962 (patch) | |
tree | 44375842a0ccee8a0d8757aeb9c86ef85aec3864 /org/agenda-2014.txt | |
parent | b2f89aee852fad4f720e2ed66dbbaad4871aec77 (diff) |
initial agenda bits
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24545 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'org/agenda-2014.txt')
-rw-r--r-- | org/agenda-2014.txt | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/org/agenda-2014.txt b/org/agenda-2014.txt new file mode 100644 index 0000000000..56c2de5b41 --- /dev/null +++ b/org/agenda-2014.txt @@ -0,0 +1,64 @@ + +Agenda for Security Team Meeting + + + +Workflow +======== + +- Opening up the security process further to allow maintainers of packages with + frequent issues to release updates themselves + - Updates need to be reviewed/acked by sec team members + - Requires changes to dak to no longer require access to security-master, e.g. + by using a mechanism similar to allowing a DM to upload and sendingk error + messages to the signer of the upload (already requested by Thijs) + - Requires changes to debian-security-announce + +- Is dsa-needed an improvement? What shall we do with embargoed issues? + +- Ditch RT? + +- Draft new people, possible candidates + +Archive tools +============= + +- Compile a list of issues we want to see fixed + +- Do we really need the embargo queue? This would simplify dak/FTP situations immensely. + + +Tracker +======= + +- Add a new status to differentiate between "no-dsa, if the maintainer wants + to fix in a point update go ahead" and "no-dsa, was ignored because it's + possible to backport". + +- Automatic weekly status on open issues sent to maintainers (catches + issues which fell through the cracks, like CVE-2013-2236) + +- Check open bugs in the BTS, check bugs against security-tracker pseudo package + +- Migrate to git? + +Documentation +============= + +- Work on proper documentation how people can contribute + + +Others +====== + +- d-d-a mail for file collecting willing testers for exotic setups + +- Compile a list of test instructions for key packages + + +LTS +=== + +- Setup and organisation + +- Gather a specific list of people interested in contributing (e.g. credative already stepped forward)
\ No newline at end of file |