Security Policy - 4. Security update procedure.

4.1 Adding security related updates.

Security updates may only be applied once they have been verified by the original Author of the software which has been packaged for Fink and found to be vulnerable to a security issue. Before an update one or more of the following conditions have to be met:

4.2 Unstable to stable moves.

Security updates for a specific package will first be applied to the unstable tree. After a waiting period of no less than 12 hours the packages' info (and eventually patch) files will be moved into the stable tree as well. The retention period shall be used to carefully observe whether the updated package works and the security update does not introduce any new issues.

Next: 5. Sending notifications