2011-11-10 14:28:51 |
Jamie Strandboge |
bug |
|
|
added bug |
2011-11-10 14:34:00 |
Jamie Strandboge |
bug |
|
|
added subscriber Ubuntu Security Team |
2011-11-10 14:47:07 |
Curtis Hovey |
launchpad: status |
New |
Triaged |
|
2011-11-10 14:47:10 |
Curtis Hovey |
launchpad: importance |
Undecided |
Low |
|
2011-11-10 14:47:38 |
Curtis Hovey |
tags |
|
distributions milestones projects series |
|
2011-11-10 14:48:47 |
Colin Watson |
bug |
|
|
added subscriber Colin Watson |
2011-11-10 14:54:09 |
Curtis Hovey |
summary |
ubuntu-security should be able to target to release |
security contact cannot target to release |
|
2011-11-10 14:54:18 |
Curtis Hovey |
tags |
distributions milestones projects series |
bugs distributions milestones projects series |
|
2011-11-10 14:54:25 |
Curtis Hovey |
tags |
bugs distributions milestones projects series |
bugs cves distributions milestones projects series |
|
2011-11-10 16:45:57 |
Kate Stewart |
bug |
|
|
added subscriber Kate Stewart |
2012-08-31 14:23:39 |
Curtis Hovey |
summary |
security contact cannot target to release |
ubuntu-security cannot target to release |
|
2012-10-08 21:14:31 |
Curtis Hovey |
description |
ubuntu-security routinely uses the 'target to release' functionality in Launchpad to track CVEs. Part of this work is for our kernel security engineer to work with the kernel team on the kernel cadence, which requires as part of our process to manipulate 'target to release' tasks a lot. Unfortunately, to be able to 'target to release', currently one must be a core-dev, part of ubuntu-release or part of ubuntu-drivers (there may be others). I would like the 'target to release' permissions to also include 'ubuntu-security'.
As it is a requirement for people in ubuntu-security to manipulate tasks, but it is not a requirement for specialist security engineers (like our browser security engineer or kernel security engineer) to be core-dev or in one of these groups, the current permissions do not fit the needs for my team, and this blocks their work.
It was mentioned that ubuntu-security could be added to ubuntu-release, but that does not seem the proper longterm fix, as ubuntu-release starts to become bloated like ubuntu-drivers used to be. Depending on the time frame for this fix, we may have to use ubuntu-release as a workaround since this is blocking our work. (This was not a big problem before but changes in our team have highlighted the issue (ie, our new kernel security engineer is not in any of these groups)). |
ubuntu-security routinely uses the 'target to series' functionality in Launchpad to track CVEs. Part of this work is for our kernel security engineer to work with the kernel team on the kernel cadence, which requires as part of our process to manipulate 'target to release' tasks a lot. Unfortunately, to be able to 'target to release', currently one must be a core-dev, part of ubuntu-release or part of ubuntu-drivers (there may be others). I would like the 'target to series' permissions to also include 'ubuntu-security'.
As it is a requirement for people in ubuntu-security to manipulate tasks, but it is not a requirement for specialist security engineers (like our browser security engineer or kernel security engineer) to be core-dev or in one of these groups, the current permissions do not fit the needs for my team, and this blocks their work.
It was mentioned that ubuntu-security could be added to ubuntu-release, but that does not seem the proper longterm fix, as ubuntu-release starts to become bloated like ubuntu-drivers used to be. Depending on the time frame for this fix, we may have to use ubuntu-release as a workaround since this is blocking our work. (This was not a big problem before but changes in our team have highlighted the issue (ie, our new kernel security engineer is not in any of these groups)). |
|
2012-11-20 16:29:36 |
Curtis Hovey |
summary |
ubuntu-security cannot target to release |
ubuntu-security cannot target to series |
|
2012-11-20 16:29:56 |
Curtis Hovey |
tags |
bugs cves distributions milestones projects series |
bug-nomination bugs cves distributions milestones projects series |
|