Stefan O'Rear writes: > Security team finds hole. > Security team fixes hole. > Security team NMU's woody-proposed-updates > Security team contacts maintainer. > Maintainer applies patch. > Maintainer uploads to sid.
Someone finds hole and notifies maintainer and/or security team. Security is notified if they don't know already. Maintainer is notified if he doesn't know already. Security team and/or maintainer fixes hole. Security team NMU's stable-proposed-updates. Maintainer uploads fixed version to Unstable, perhaps before security team fixes Stable. Often the fix for Unstable is to upload the new, fixed upstream version. Sometimes the newer version that is already in Unstable doesn't have the hole. The fix must be backported for Stable and so Stable can take longer to fix then Unstable. Testing doesn't get fixed until the fixed version propagates to it from Unstable. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
