>Uploads to unstable require maintainer coordination. That alone has the
>potential to introduce a delay (e.g., in the case of an unresponsive
>maintainer).
That sounds easily solvable by allowing a DELAYED/2 NMU or something for security fixes. However, such a policy would only work if we have an objective criterion classifying a fix as a security fix, which could be problematic specifically in the case of issues marked no-dsa. But "listed in security-tracker" would probably do.

-nik