Comment 4 for bug 1908119
Revision history for this message
| Robie Basak (racb) wrote Re: Update and SRU 1.90.8 | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
f33e652
(Get the code!)
> Security team was happy to have this in, but we preferred to go through the SRU process in order to have better regression analysis.
That's pretty convincing, since a security update would trump the SRU process anyway. And it does make sense to use the SRU process for time to bake in proposed, a more visible opportunity for users to flag issues, and so forth.
However, I want to make sure that we don't end up in a gap where the security team think that the SRU team consider it fine and the SRU team think that the security team think it's fine so nobody actually gives it the necessary consideration for regression risk. To avoid this kind of issue, I prefer to avoid basing decisions on hearsay in bugs.
Can I ask, if we're going to accept this on the basis that the security team require it for security purposes, that the security team review the upload and then note +1 in this bug?