On Tue, Aug 27, 2013 at 7:18 PM, Russ Allbery <r...@debian.org> wrote:
> IMHO the Security Team should not act as fixers themselves but more as > > proxies, passing information about a security issue to the maintainer of > > the package. > > And what happens then if the maintainer doesn't respond? > > Then, and only then, as a last resort, the Security Team / LTS Team takes care of the problem -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer)
