On Wed, Jul 18, 2018 at 08:40:00PM +0000, nusenu wrote:
you probably want to reach out to package maintainer that didn't update yet (like the ubuntu snap) - if you didn't do so yet
Right, those people should be on the tor-packagers list if they want to hear about it.
There is also a separate list of people that we mail personally, like the Debian maintainer, because we're the ones who care most about having the new update happen so it's polite of us to do the extra work. We could add more people to that list.
AlternateBridgeAuthority Serge orport=9001 bridge 66.111.2.131:9030 BA44 A889 E64B 93FA A2B1 14E0 2C2A 279A 8555 C533
I'd expect such email to be signed - yes, even if people can fetch that data from a signed release.
I actually thought about signing it but then I realized that mailman mangles messages to the point that my signatures usually end up bad (yours do too :/ ), so it didn't seem worth fighting with that one.
--Roger