Hi Antoine et al.,
> After staring at that thing and trying to deal with a few of those, I am
> a little unsure how to actually coordinate this work for now.
I agree that that foo-needed.txt files are a little confusing right
now. :)
To ensure no duplicated work in the next week (or at least to minimise
the risk...) I suggest that we:
* File bugs in the BTS for CVEs that don't have them.
* Tag them properly in data/CVE/list.
* Quasi "claim" them by writing to the aforementioned bug numbers and,
obviously, check there to co-ordinate/check before starting.
* Work on preparing "regular" stable security updates for ACK by the
security team, ie. follow the steps in the Developers Reference.
Other work that can be done in the meantime include improving our
triage scripts -- I still have a half-draft of the "renamed packages"
script, for example.
IIRC I believe the subject to search for is "Improvement needed to our
triaging scripts".
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
