Re: fixing links for DLAs in the security tracker
On 2017-03-29 07:29:06, Salvatore Bonaccorso wrote: > Hi, > > On Wed, Mar 29, 2017 at 06:28:49AM +0200, Salvatore Bonaccorso wrote: >> Hi, >> >> On Tue, Mar 28, 2017 at 10:16:52PM +, Holger Levsen wrote: >> > On Tue, Mar 28, 2017 at 10:35:34PM +0200, Moritz Muehlenhoff wrote: >> > > Well, you don't have a web site comparable to >> > > https://www.debian.org/security/2017/dsa-3796, so where should >> > > it possibly link to? >> > >> > I guess it's time to create this "web site" then :) >> >> See as well https://bugs.debian.org/761945 (and respective clones for >> debian-). > > The security-tracker side of this has been implemented now, Paul Wise > did the corresponding work. But around 400 DLA's are not yet imported > so many links will sow a page not found. > > A working example: > https://security-tracker.debian.org/tracker/DLA-55-1 or > https://security-tracker.debian.org/tracker/DLA-400-1 So I guess the next steps are for the LTS team: 1. update the documentation so that updating the website is part of the workflow 2. import old DLA advisories into the websites I can try and complete this by the end of the week. > p.s.: generally: for changes to the security-tracker, please do not use > debian-lts but rather the security-tracker list (or even > better/depending on case via bugreports). Understood. I wasn't sure, but will try to keep that in mind in the future... A. -- Rock journalism is people who can't write, interviewing people who can't talk, in order to provide articles for people who can't read. - Frank Zappa
Re: fixing links for DLAs in the security tracker
On Wed, Mar 29, 2017 at 07:29:06AM +0200, Salvatore Bonaccorso wrote: > The security-tracker side of this has been implemented now, Paul Wise > did the corresponding work. cool! thanks Paul! -- cheers, Holger signature.asc Description: Digital signature
Re: fixing links for DLAs in the security tracker
Hi, On Wed, Mar 29, 2017 at 06:28:49AM +0200, Salvatore Bonaccorso wrote: > Hi, > > On Tue, Mar 28, 2017 at 10:16:52PM +, Holger Levsen wrote: > > On Tue, Mar 28, 2017 at 10:35:34PM +0200, Moritz Muehlenhoff wrote: > > > Well, you don't have a web site comparable to > > > https://www.debian.org/security/2017/dsa-3796, so where should > > > it possibly link to? > > > > I guess it's time to create this "web site" then :) > > See as well https://bugs.debian.org/761945 (and respective clones for > debian-). The security-tracker side of this has been implemented now, Paul Wise did the corresponding work. But around 400 DLA's are not yet imported so many links will sow a page not found. A working example: https://security-tracker.debian.org/tracker/DLA-55-1 or https://security-tracker.debian.org/tracker/DLA-400-1 Regards, Salvatore p.s.: generally: for changes to the security-tracker, please do not use debian-lts but rather the security-tracker list (or even better/depending on case via bugreports).
Re: fixing links for DLAs in the security tracker
On Wed, Mar 29, 2017 at 12:28 PM, Salvatore Bonaccorso wrote: > See as well https://bugs.debian.org/761945 (and respective clones for > debian-). Committed a patch for this, carnil deployed it. One downside to this is that committing DLAs to the Debian website hasn't happened since 2016 DLA-445-2: https://security-tracker.debian.org/tracker/DLA-445-2 https://www.debian.org/security/2016/dla-445 https://security-tracker.debian.org/tracker/DLA-446-1 https://www.debian.org/security/2016/dla-446 (404) -- bye, pabs https://wiki.debian.org/PaulWise
Re: fixing links for DLAs in the security tracker
Hi, On Tue, Mar 28, 2017 at 10:16:52PM +, Holger Levsen wrote: > On Tue, Mar 28, 2017 at 10:35:34PM +0200, Moritz Muehlenhoff wrote: > > Well, you don't have a web site comparable to > > https://www.debian.org/security/2017/dsa-3796, so where should > > it possibly link to? > > I guess it's time to create this "web site" then :) See as well https://bugs.debian.org/761945 (and respective clones for debian-). Regards, Salvatore
Re: fixing links for DLAs in the security tracker
On Tue, Mar 28, 2017 at 10:35:34PM +0200, Moritz Muehlenhoff wrote: > Well, you don't have a web site comparable to > https://www.debian.org/security/2017/dsa-3796, so where should > it possibly link to? I guess it's time to create this "web site" then :) -- cheers, Holger signature.asc Description: Digital signature
Re: fixing links for DLAs in the security tracker
On Tue, Mar 28, 2017 at 04:08:19PM -0400, Antoine Beaupré wrote: > I constantly find myself struggling to find the actual DLA announcements > when I browse the security tracker. Take for example: > > https://security-tracker.debian.org/tracker/CVE-2016-8743 > > If you click on the DSA there: > > https://security-tracker.debian.org/tracker/DSA-3796-1 > > You have a nice "Source" link that brings you to: > > https://www.debian.org/security/2017/dsa-3796 > > Yet the DLA page doesn't have that feature: > > https://security-tracker.debian.org/tracker/DLA-841-1 Well, you don't have a web site comparable to https://www.debian.org/security/2017/dsa-3796, so where should it possibly link to? Cheers, Moritz