> Security team was happy to have this in, but we preferred to go through the SRU process in order to have better regression analysis.
That's pretty convincing, since a security update would trump the SRU process anyway. And it does make sense to use the SRU process for time to bake in proposed, a more visible opportunity for users to flag issues, and so forth. However, I want to make sure that we don't end up in a gap where the security team think that the SRU team consider it fine and the SRU team think that the security team think it's fine so nobody actually gives it the necessary consideration for regression risk. To avoid this kind of issue, I prefer to avoid basing decisions on hearsay in bugs. Can I ask, if we're going to accept this on the basis that the security team require it for security purposes, that the security team review the upload and then note +1 in this bug? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1908119 Title: Update and SRU 1.90.8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fprintd/+bug/1908119/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
