On 2010-12-19, Vagrant Cascadian <[email protected]> wrote:
> On Sat, Dec 18, 2010 at 01:08:07PM +0100, Moritz Muehlenhoff wrote:
>> Traditionally Debian security advisories have included MD5 check sums
>> of the updated packages. This was introduced at a time when apt didn't
>> exist yet and BIND was at version 4.
>>
>> Since apt cryptographically enforces the integrity of the archive for
>> quite some time now, we've decided to finally drop the hash values
>> from our advisory mails.
>
> thanks for all your work on the security team! i'm glad to hear this!
>
>> We'll also change some details of the advisory format in the upcoming
>> months.
>
> i'm curious about some of the possible changes in the format. namely:
>
> will new advisories be in a machine parseable format?
>
> will it include a list of affected binary packages (in addition to source
> packages)?
>
> what other information will it include?
>
> some of this could make it much easier to script checks for security available
> or completed updates on medium to large networks.

We're open for input here. Everyone is invited to send a list of needed
features to [email protected]. (We're having a security team meeting in January,
during which we'll discuss the new format)

Cheers,
Moritz

