How can we make security updates faster?

Kevin Fenzi kevin at
Tue May 29 18:39:40 UTC 2012

On Mon, 28 May 2012 12:57:18 -0400 (EDT)
Paul Wouters <pwouters at> wrote:

> Hi,
> I've recently had release updates to two packages with CVE issues in
> then. A few weeks ago, pidgin-otr needed a lot of me prodding people
> to try it and give karma to get the security update out. Right now, my
> socat CVE security releases sits in all four branches with no karma
> after four days.
> Is there something we can do to make these security updates move
> faster?


> Any other thoughts?

Perhaps if there's enough interest we could (re)vive a Security SIG of
some kind? One of their goals could be to cross test updates and
provide karma? 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <>

More information about the devel mailing list