15 Mar
2010
15 Mar
'10
10:34 p.m.
On Mon, Mar 15, 2010 at 11:18 PM, Magnus Therning <magnus@therning.org> wrote:
After a quick look at it I don't see much that would apply though. Arch doesn't have releases. Arch follows upstream releases very closes (in some cases even too closely ;-)
So, if there is no need for backporting to a set of packages that has been blessed into a supported release, what is left to do for a dedicated security team?
1) what allan said : A group could monitor security issues and file bugs to get the devs to fix them. 2) resume and finish the gpg work for pacman & friends