On Fri, Jan 15, 2016 at 04:09:58PM +0100, Norvald H. Ryeng wrote: > so I'll need the complete list of > requirements first. The Debian MySQL team has asked for a list, in > writing, several times now, but that list has not been produced.
Here's what it essentially boils down to: - Public, non-discriminatory access, we don't sign NDAs - Public mapping between CVE IDs and patches (or commit IDs to a public VCS) - If the patches don't have meaningful commits messages on the nature of the change, provide a contact who is willing to answer questions for backports or impact Cheers, Moritz