On Tue, April 29, 2014 18:45, Russ Allbery wrote: > Marko Randjelovic <marko...@eunet.rs> writes: > >> I added this: > >> "Debian policy should require that in every source package all security >> packages should be clearly marked as such in standard and easily >> parsable way with optional further references." > > I don't agree with this statement. I think there are far more important > things to document in Policy that haven't yet been documented there than > creating new rules about patch naming. Note that, currently, Debian > Policy doesn't require that you use separated patches *at all*, nor should > it given that there is not project consensus for requiring that source > package representation.
I'm quite unclear even on what problem it tries to solve. Debian already extensively tracks which vulnerabilities affect which package versions, and I don't see what sorting patches into 'security' and 'other' would add to this. Thijs -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/21d2a0ee1c0575779cf73790ee5d5d2b.squir...@aphrodite.kinkhorst.nl
