The Debian Security Team plans to have a meeting in November (28th -30th):
This page should collect some ideas for the meeting
- General discussion about security improvements
- Integrating backports.org and volatile.debian.org into the tracker
- Automatically propagate changes to testing-security with equivalent unstable version to unstable as well
- Automatically clean out obsolete testing-security packages (php4, cupsys are recent examples)
- What to do with lagging architectures.
- Train more people to handle our CVE pool (currenly only Joey?)
- Dak tweaks:
- make template closer to desired advisory layout?
- allow it to copy .orig.tar.gz from general pool if not found in security pool?
- Find a way for the secteam to gain more insight into what buildds are doing and perhaps control it better
Get to know each other in person