Hi, On Sat Dec 18, 2010 at 16:47:47 -0800, Vagrant Cascadian wrote: > On Sat, Dec 18, 2010 at 01:08:07PM +0100, Moritz Muehlenhoff wrote: > > Traditionally Debian security advisories have included MD5 check sums > > of the updated packages. This was introduced at a time when apt didn't > > exist yet and BIND was at version 4. > > > > Since apt cryptographically enforces the integrity of the archive for > > quite some time now, we've decided to finally drop the hash values > > from our advisory mails. > > thanks for all your work on the security team! i'm glad to hear this! > > > We'll also change some details of the advisory format in the upcoming > > months. > > i'm curious about some of the possible changes in the format. namely: > > will new advisories be in a machine parseable format? > > will it include a list of affected binary packages (in addition to source > packages)?
ACK. +1 YAML? -- Martin Zobel-Helas <[email protected]> | Debian System Administrator Debian & GNU/Linux Developer | Debian Listmaster Public key http://zobel.ftbfs.de/5d64f870.asc - KeyID: 5D64 F870 GPG Fingerprint: 5DB3 1301 375A A50F 07E7 302F 493E FB8E 5D64 F870 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
