From ad57028c5bc6e9e0c82f20a2909b2990f8963008 Mon Sep 17 00:00:00 2001 From: Thomas Lange Date: Fri, 5 Apr 2024 20:22:03 +0200 Subject: adjust to the process --- english/security/README | 53 +++---------------------------------------------- 1 file changed, 3 insertions(+), 50 deletions(-) diff --git a/english/security/README b/english/security/README index f8fb8efae96..09ae2dd79ce 100644 --- a/english/security/README +++ b/english/security/README @@ -4,55 +4,8 @@ This directory contains the status of all Debian related security problems that have been reported. -Indices are created similarly to the News/ directory. +From 12/2023 there's no manual work needed for the list of security announcements. - Publishing a new advisory - ------------------------- +The list of DSA/DLA is generated by mk-dsa-dla-list +The oval files are generated by generate.py -New advisories are stored by the security team in -security.debian.org:/org/security.debian.org/advisories/DSA/ -The parse_advisory.pl script is used on these files in order to create the -corresponding dsa-XXX.wml and dsa-XXX.data files, from which the advisory -web pages are made. - -You can also use the text of the advisory as sent over the -debian-security-announce mailing list if you have no access to security.d.o -and no one of the security team has time to help you. -Therefor you have to save the mail body in a file named -dsa--. - -Usage: - ./parse_advisory.pl [ -d ] - -The option -d enables debug mode, meaning that the output is redirected -to standard output (stdout). - - Updating an advisory - -------------------- - -When a new revision of an advisory is released, you would normally -just edit the .wml and .data files to reflect the changes. -However, if some packages have been added to the advisory it can be -helpful to run parse_advisory.pl in a separate directory and copy the -new URLs to the old advisory. -You can specify the date of revisions in the report_date tag -as comma-delimited list. - -If a new revision is released before the next report and within a -short time after the preceding one (half a week or so), you -probably want to replace the last date instead, because new revisions -appear as separate entries in the list on security/index. - -The possibility to specify a comma-separated list in a report_date -tag instead one date is new since 03/2003 and thus not used in -advisories released before that. If you want to update the old -advisories: Just do it! But this has no high priority. - - Translating an advisory - ----------------------- - -Don't translate the *.data files, only the *.wml files. - -In addition to translating the text of each advisory, you need to -make sure that the translations in the ../po/security.xy.po file -are up to date (the strings in the templates). -- cgit v1.2.3