On Fri, 2006-01-13 at 15:20 -0600, Josh Boyer wrote: > > On Fri, 2006-01-13 at 15:15 -0600, Josh Boyer wrote: > >> > >> Now the real question is, should there be some sort of defined policy > >> for > >> security fixes? > >> > > > > I'd be game with making a extras-security alert address that had the > > package signers and some other security folks on it so we could expedite > > things if need be. > > > > but a private list, for obvious reasons. > > I'll second this. Seems like a good idea to me. > > Should we talk about embargos though? > why don't we just ask thorsten to add this to the agenda. and get it taken care of then? -sv
