security update process failure

Karsten Hopp karsten at
Sun Sep 4 21:01:19 UTC 2011

Hi !

I'd call it a failure when a security update for a critical path package gets stuck in 
-updates-testing for 6 weeks. I'm talking about the F14 libcap update, where only one 
proventester cared to test the updated package and commented on it.
Sure, it is only a minor security issue, but shouldn't security updates have priority in 
testing over any pet packages you have ?
Security updates certainly take preference for me as I'm trying to get them submitted as 
early as possible. But when a package sits in -testing for such a long time I need to ask 
myself why I should bother with doing timely security updates at all.


More information about the test mailing list