On 8 June 2011 23:40, Anssi Hannula <anssi.hann...@iki.fi> wrote: > On 08.06.2011 23:23, Ahmad Samir wrote: >> On 8 June 2011 21:45, Samuel Verschelde <sto...@laposte.net> wrote: >>> Le mercredi 8 juin 2011 19:39:55, Ahmad Samir a écrit : >>> >>>> IMHO, rejection reasons: >>> >>>> - The sec team doesn't think the update fixes a serious security >>> >>>> vulnerability; so it's not updates but backports >>> >>> What about bugfix updates ? I guess fixing a bug is a valid reason for an >>> update, like it was in Mandriva's updates. >>> >>> Regards >>> >>> Samuel >> >> Right, I probably phrased that one wrongly; I meant: >> fixes a serious bug, e.g. crashing, segfaulting > > I don't think we should exclude non-serious bugs :) >
Depends, overworking the sec team doesn't look like a good aspect... (that's why I liked contrib in mdv, I could push an update any time, without having to go though the bug report -> QA -> Sec team loop). > (or version updates in some cases, like firefox/opera/flash or updating > an rc/beta version to a stable one, and maybe some online games that are > useless unless on latest version) > I agree, (except for the games part, nowadays if it's less than 4GB it's not really a "game"). Maybe the sec team should only work on sec fixes, and there should be a sub-group of the sec team that handle the not CVE|crash|segfaulting|buffer-overflow updates. > -- > Anssi Hannula > -- Ahmad Samir