diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2014-01-31 16:10:16 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2014-01-31 16:10:16 +0000 |
commit | 04c63bb770e30db3ca76bc315748cdbce1c38774 (patch) | |
tree | c25641538537eb6ca2e298aa6664b7dd1a97ed90 /org/agenda-2014.txt | |
parent | 2d45837d53e920bbef7b4347466e1f14bd7e8da6 (diff) |
more items
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@25444 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'org/agenda-2014.txt')
-rw-r--r-- | org/agenda-2014.txt | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/org/agenda-2014.txt b/org/agenda-2014.txt index 4182f11a34..b548fef25b 100644 --- a/org/agenda-2014.txt +++ b/org/agenda-2014.txt @@ -23,6 +23,8 @@ Workflow - Drop "Problem type" and "Vulnerability" from DSAs? Mostly duplicating information from vulnerability databases +- Review developers reference, does it still reflect current best practices? + Archive tools ============= @@ -35,6 +37,9 @@ Archive tools - Make it simple to release packages for others to test, e.g. an aptable security queue +- autopkgtest on security-master for jessie (for wheezy the amount of tests is + probably negligable + Tracker ======= @@ -89,8 +94,10 @@ Others - Compile a list of test instructions for key packages -- Compile a list of problemtic packages in jessie for the release team +- Provide src:debian-unsupported to indicate unsupported packages +- Compile a list of problematic packages in jessie for the release team + vlc, mariadb/mysql, OpenStack, libv8, owncloud, moodle + What to do with OpenJDK? best-effort + dropping icedtea-web? Ubuntu is also questioning the support: https://lists.ubuntu.com/archives/ubuntu-devel/2014-January/037991.html @@ -108,6 +115,11 @@ Distribution hardening - planning for release goal speedup? [corsac: what does it means?] + - improve detection of hardened build flags, maybe write the flags used into an + ELF section? This way it could be more reliably checked whether correct flags + were used (e.g. for binaries using fortified source, but not using any of the + functions covered by it) + - hidepid by default - heap protection experiment for some packages? (e.g. mcheck) |