Hi On Thu, Jun 01, 2017 at 08:54:57AM +0200, Michael Stapelberg wrote: > I got the idea from https://www.debian.org/security/faq#upload. Is the FAQ > outdated, or did I read it wrong? If the latter, please elaborate so that > we can update the docs to be more clear.
The idea behind that FAQ entry is to state that an upload should never be done without first having an ack from the security team. The dev-ref gives a broather view on how to handle security-issues, and interact with the team: https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#bug-security Maybe we should rephrase a bit the FAQ entry itself. Regards, Salvatore
