On Sun, Jun 10, 2007 at 06:14:48PM +0200, Julien Danjou wrote: > At 1181466754 time_t, Lo??c Minier wrote: > > Hey, > > > > I've uploaded madwifi_0.9.2+r1842.20061207-2etch1 prepared by Kel > > Modderman with the attached interdiff; it contains security fixes. > > Please review and accept. > > Why is this not handled by security team?
They've asked the security team a number of times for an update. Though the security team may have never formally said 'no' for this one, I have seen members assert before that non-free updates need to go through SRM. In lieu of a formal response from the security team (I was not a member then), I sent the madwifi maintainers the following response last time they asked: On Thu, May 24, 2007 at 11:13:47AM -0600, dann frazier wrote: > hey Kel, > I've seen other people on the security team suggest that non-free > updates go in via a stable update. In which case, I suggest forwarding > this onto debian-release as described here: > http://lists.debian.org/debian-devel-announce/2007/04/msg00005.html Of course, the security FAQ suggests that the security team *would* normally release advisories for non-free stuff, if someone else does the rest of the work: http://www.debian.org/security/faq#contrib I'm now on the security team and I don't mind doing this advisory, assuming there's no objections from the security team - nor do I have any objections about introducing these fixes via stable instead. -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
