Bits from the Security Team
- We get tons of spam. If your issue isn't replied to at least once wait a day and resend.
- Frequently advisories are delayed because our buildd machines are broken. We can't fix them.
- People reporting bugs with the 'security' tag help us.
- People reporting bugs with patches help us more.
- People reporting bugs with patches and pointers to fixed packages they have build help us best.
- I like pies.
I am happy to look over patches, built packages, and generally encourage people to be involved. Our team isn't huge but historically we've only added people who've done a fair bit of work first. That is both good and bad.
I could write more, and probably should, but I'll stop there for now because I'm frustrated by the HPPA build machine. Again.
ObRelated: Moritz is trying to get the archive rebuilt with security features from our compilers (eg. -fstack-protector) included. This would be a fantastic achievement. People interested in tested kernel patches, donating buildd machines, etc, etc should give him a ping.