Re: wnpp.debian.net sources released, security review wanted, plans for the future
Sebastian Pipping wrote: Not sure what you had in mind for a feed. If you mean RDF/RSS of DSAs, there are two here: http://www.debian.org/security/ The recommended way is to subscribe to [EMAIL PROTECTED] Is there a way to get notified of new security bugs right when they are opened? You can install debsecan, which generates reports on open security issues and which includes BTS bugs tagged security as well. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
Hi, On Wednesday 30 January 2008 18:00, Sebastian Pipping wrote: What do you think about that lucas? Why only a redirect in the first place? 1. http://people.debian.org/~nion/net-domains.html Lucas offered that to me but the host the site runs on cannot handle a new IP for free. It doesnt need a new IP. Just point wnpp.d.n to the current IP of your server. regards, Holger pgpDlxpIFzkKF.pgp Description: PGP signature
Re: wnpp.debian.net sources released, security review wanted, plans for the future
Paul Wise wrote: -- wnpp.debian.net sources Be nice if that wasn't just a redirect domain. Sorry, but I don't think this will change as long it's maintainer is not a Debian developer. This way or the other. Might want to also ask on debian-security (list or IRC) Will do, good idea. Security related info for Debian is maintained here: http://security-tracker.debian.net/ Not sure what you had in mind for a feed. If you mean RDF/RSS of DSAs, there are two here: http://www.debian.org/security/ That's interesting. Are these feeds linked bublically semewhere? Sebastian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
On Jan 30, 2008 5:32 PM, Sebastian Pipping [EMAIL PROTECTED] wrote: Be nice if that wasn't just a redirect domain. Sorry, but I don't think this will change as long it's maintainer is not a Debian developer. This way or the other. Why not? If it is good enough for a redirector domain, why not a real one? Security related info for Debian is maintained here: http://security-tracker.debian.net/ Not sure what you had in mind for a feed. If you mean RDF/RSS of DSAs, there are two here: http://www.debian.org/security/ That's interesting. Are these feeds linked bublically semewhere? I assume you meant publically somewhere, if so, the answer is yes, the feeds are files, and they are linked from this page: http://www.debian.org/security/ The tracker is only linked from the testing-security page: http://testing-security.debian.net/ CCing debian-www, perhaps someone there will add the tracker link to the security page. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
Paul Wise wrote: Sorry, but I don't think this will change as long it's maintainer is not a Debian developer. This way or the other. Why not? If it is good enough for a redirector domain, why not a real one? What I was trying to say is that I don't think I will get necessary permissions to run this site on Debian ground as long as I am not a full Debian developer. I will also need a MySQL server for that. Sebastian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
On Jan 30, 2008 7:09 PM, Sebastian Pipping [EMAIL PROTECTED] wrote: What I was trying to say is that I don't think I will get necessary permissions to run this site on Debian ground as long as I am not a full Debian developer. I will also need a MySQL server for that. Ah, I see. Perhaps lucas (according to [1]) could be convinced to change the IP to yours. What do you think about that lucas? Why only a redirect in the first place? 1. http://people.debian.org/~nion/net-domains.html -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
Paul Wise wrote: Ah, I see. Perhaps lucas (according to [1]) could be convinced to change the IP to yours. What do you think about that lucas? Why only a redirect in the first place? 1. http://people.debian.org/~nion/net-domains.html Why not just move it to alioth? What I don't remember is if alioth has MySQL or not; at least it has PostgreSQL -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
Paul Wise wrote: Ah, I see. Perhaps lucas (according to [1]) could be convinced to change the IP to yours. What do you think about that lucas? Why only a redirect in the first place? 1. http://people.debian.org/~nion/net-domains.html Lucas offered that to me but the host the site runs on cannot handle a new IP for free. Sebastian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
On 30/01/08 at 19:59 +0900, Paul Wise wrote: On Jan 30, 2008 7:09 PM, Sebastian Pipping [EMAIL PROTECTED] wrote: What I was trying to say is that I don't think I will get necessary permissions to run this site on Debian ground as long as I am not a full Debian developer. I will also need a MySQL server for that. Ah, I see. Perhaps lucas (according to [1]) could be convinced to change the IP to yours. What do you think about that lucas? Why only a redirect in the first place? I have no problem with changing wnpp.d.n to point to whatever Sebastian wants. It's currently a redirection because Sebastian told me that he could not handle a vhost on his side, so I proposed to do it that way. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
Paul Wise wrote: Not sure what you had in mind for a feed. If you mean RDF/RSS of DSAs, there are two here: http://www.debian.org/security/ Is there a way to get notified of new security bugs right when they are opened? Sebastian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
wnpp.debian.net sources released, security review wanted, plans for the future
Hello! -- wnpp.debian.net sources The source code running http://wnpp.debian.net/ is now hosted in the subversion repository of collab-qa. The current license is GPL 2 or later, the code requires PHP =5 and MySQL =4.1 to run. http://svn.debian.org/viewsvn/collab-qa/ (As the concrete location in there might change I didn't make the link more precise.) -- Security review wanted As I usually code C++ and not PHP/MySQL my current code probably has security issues. As this code is running on a publicly accessible machine I depend on the kindness of its users and your security reviews. If you spot a vulnerability in that code please drop me a private mail about it. Thank you! -- Plans for the future * As I learned today popcon also reports about programs not coming from Debian packages. That information might be useful for extra motivation on RFP/ITP bugs. * The Soap interface is still being queried for single bug's data. It has to be checked if querying several bugs at once makes a difference. I expect it to. * There is interest in a feed on security-related bugs, mentioned by a Gentoo friend of mine. This task can be solved with a fork or a clever modularization of the current wnpp code. The latter would be cool of course. Please contact me if you feel you can help with any of these tasks. Sebastian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wnpp.debian.net sources released, security review wanted, plans for the future
On Jan 30, 2008 9:25 AM, Sebastian Pipping [EMAIL PROTECTED] wrote: -- wnpp.debian.net sources Be nice if that wasn't just a redirect domain. The source code running http://wnpp.debian.net/ is now hosted in the subversion repository of collab-qa. Excellent. -- Security review wanted As I usually code C++ and not PHP/MySQL my current code probably has security issues. As this code is running on a publicly accessible machine I depend on the kindness of its users and your security reviews. Might want to also ask on debian-security (list or IRC) * There is interest in a feed on security-related bugs, mentioned by a Gentoo friend of mine. This task can be solved with a fork or a clever modularization of the current wnpp code. The latter would be cool of course. Security related info for Debian is maintained here: http://security-tracker.debian.net/ Not sure what you had in mind for a feed. If you mean RDF/RSS of DSAs, there are two here: http://www.debian.org/security/ -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]