Hi Arno, > On 16.05.2013 21:52, Moritz Muehlenhoff wrote: > > Please prevent the upload to ftp-master for packages with the > > distribution in the changes file pointing to
> we do? Or rather: We give a warning and ask whether the user really > intended to upload to security-master. That's not the issue. The issue is someone preparing an upload with target stable-security but accidentally typing "dput package.changes", that is, upload it to *ftp*master which will happily accept and process it. I've just confirmed that dput (1.4) doesn't stop this. This is important to prevent: these mistakes turn out to happen quite a lot and lead firstly to work on the part of the RT, but perhaps even more importantly, may leak still-embargoed updates to a public place. old dput prevents this with an allowed-distributions = !.*-security line in dput.cf for ftp-master. > That said it could be we don't recognize all code name aliases pointing > to stable-security. That's something we have on the radar though but > it's not that easy to have a comprehensive since dak does not export > anything consumable to us. It would be important to support since we are recommending to use codename-security instead of stable-security. Why not just use a wildcard .*-security? Cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org