aba recently
announced
the freeze of Debian Etch, which is great news. However, it now means that
a lot of work is now important for the secure testing team. So, if you have
time, please help us out and look through the
list of vulnerable
packages in the testing suite, and provide patches/upload fixes :) I'd like
as many of these fixed as possible before we hand over to the stable security
team.
I've also been actively recruiting recently. Luk has joined the team, and
should also be helping to issue updates in the near future. Please come find me
on IRC (Maulkin) if you want to help us produce a nice secure operating system
:P
As this seems to be a post about testing security, I'll put a bit of a status
update too:
- Updates now go through newklecker (aka: security.debian.org)
- The embargoed/unembargoed queues seem to work (mostly), whcih means that there should be a greater number of people who can do updates for stable
- We're working through all the outstanding issues which don't have CVE-IDs yet, and requesting them
- I'm working on various clamav signatures to find embedded code copies in other packages
