Extras Security Policy

[Ralf Ertzinger]

On Thu, Sep 08, 2005 at 04:01:20PM +0200, Michael Schwendt wrote:

> That's a box you don't want to open.
> 
> Rather than "any packager touching any package", I'd prefer official
> co-maintainers who divide the package maintenance efforts and take
> care of a package beyond occasional security patches.

I agree that bugzilla is the first way to go. But in case of important
security upgrades we need a fast fallback path if the original maintainer
is not available, for whatever reason.