From 97ba4fc4b4581e2797fab936107e13cd0c205f14 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 26 Aug 2005 14:30:24 +0000 Subject: added info on lists, apt uris, and such git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1654 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- website/index.html | 50 ++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 38 insertions(+), 12 deletions(-) (limited to 'website') diff --git a/website/index.html b/website/index.html index bb69c5b1b3..c6da3ec5ae 100644 --- a/website/index.html +++ b/website/index.html @@ -31,15 +31,18 @@ a web page, that tracks open security holes in testing.

- -

Future plans

- +

- After sarge is released and once the autobuilder infrastructure is - in place, we hope to begin issuing security advisories for holes in - testing, and providing fixed packages immediatly on - security.debian.org or a similar site, without the regular delay - involved in getting a fixed package into testing. + The team is in the process of beginning full security support for + testing by providing security advisories and fixes built against + testing without the usual delays sometimes involved in getting a + security fix into testing. These will be announced on the + secure-testing-announce@lists.alioth.debian.org + mailing list, and will be available in the following apt + repository: +

+	deb http://secure-testing.debian.net/debian-security-updates etch/security-updates main contrib non-free
+

Data sources

@@ -87,6 +90,8 @@

Build the package in a testing chroot using pbuilder so that all the dependencies are ok.

Test the package.

Sign the package. Any Debian developer in the keyring + can do so.

Upload to secure-testing-master.debian.net. Here is a dput.cf snippet for that upload queue:

@@ -97,6 +102,22 @@
 		login = anonymous

Once your fix is accepted, a mail will be sent to + the secure-testing-changes + list and, it will become available in this apt repository, + including builds for all other architectures: +

+		deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free
+

+ Once everything is ready, contact a team member to create a DSTA annoucement + (procedure pending), contact a secure-testing-master admin + to move the upload from etch-proposed-updates to + etch (using something like this, but the procedure is still being worked out: + madison -s etch-proposed-updates -f heidi -S $package | sudo -u katie heidi -a etch) + and send the DSTA to secure-testing-announce. +

@@ -104,7 +125,7 @@ Note that the above instructions are provisional until we get everything set up.

- +

Members and contacting the team

@@ -119,10 +140,15 @@

The team can be contacted through its mailing list, secure-testing-team@lists.alioth.debian.org. - There is a second mailing list, + There is a second mailing list, secure-testing-commits@lists.alioth.debian.org - that receives commit messages to our repository. An - alioth + that receives commit messages to our repository, new team members + are encouraged to join it. + The list + secure-testing-changes@lists.alioth.debian.org + receives automatic annoucements of fixed packages uploaded to our + repository. + An alioth project page is also available.

-- cgit v1.2.3