On Mon, 2021-04-12 at 17:40 +0000, BLFS Trac via blfs-book wrote: > #14887: thunderbird-78.9.1 > -------------------------+--------------------- > Reporter: renodr | Owner: timtas > Type: enhancement | Status: closed > Priority: normal | Milestone: 10.2 > Component: BOOK | Version: SVN > Severity: normal | Resolution: fixed > Keywords: | > -------------------------+--------------------- > > Comment (by ken@…): > > First you need to follow the git editors guide to clone the lfswww > repository. > > Within that, the files are in blfs/advisories/ > > First go to consolidated.html. There is quite a long commented note about > what to do. > Please read that. > > After the comments you will find the latest advisory, with older ones > below it. Note that the id link (above the h4 header) starts sa- to make > the html validation tool happy, and > that emphasis is now shown with <em>...</em> instead of <b> or <i>. > > It is often easiest to find an earlier link for the same package - > sa-10.1-012 seems a nice short one, you could copy that as a basis (e.g. > the links to the books should be correct). In this case the mozilla > advisory is mfsa2021-13/ and the severity is Medium. > > Change the text as necessary, add cve links to nvd, or else to mitre, if > they exist and are informative. In the general case, start searching for > other links if nothing was found (for mozilla, the mfsa will normally say > something, other vulnerabilities might need a summary of what the problem > is). > > When you think you have got the consolidated item correct, check it in > your browser. If you are doing the edit on your desktop machine, no > problem. I keep my repos on my local server and render the books via > apache. In my case I need to set files to point to where the books should > be rendered, and for advisories and errata I have symlinks pointing to the > blfs/advisories/ and blfs/errata/ directories (and also for lfs). > > If the new consolidated item looks ok and the links (both external and to > the dev books) work, you can then do the second part: > > Edit 10.1.html (i.e. the name changes after each release). This is ordered > alphabetically, except when I've screwed up, and within the package newest > updates come first. > > You will see there is a commented <h3>PackageName</h3> as a guide. We now > have sa- id's on each item, which allows links to other packages if needed > (it is not normally needed). > Find where the new advisory belongs, copy the id and h4 from > consolidated,html with a note of the problem (often short). Finish with: > To fix this(or these) update to PackageName-x.y.z or > later. Follow that with a link to the consolidated page (remember to > change the link number if copying it). > > For thunderbird there is a standard paragraph (italic, using css because > it is a whole paragraph) which comes before the newest thunderbird > advisory. > > We now try to use upstream's preferred capitalization, if there is one. > > Take a look at the existing items (and in the general case, perhaps > previous existing items in 10.0). > > Again, check the file in your browser, and check that the link to > consolidated goes to the right item (it should be the first item on the > consolidated page). > > When ready, push. If I am ever doing a lot, and suspect someone else might > be doing something, I try to first do the consolidated, push that to grab > the numbers, and then do the rest. >
Shouldn't we add this to the editor guide? Pierre -- http://lists.linuxfromscratch.org/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
