Bug#868079: Security issues marked as no-dsa are shown as "ignored"
On Tue, Jul 18, 2017 at 12:08:18PM +1000, Paul Wise wrote: > On Mon, 2017-07-17 at 10:32 +0200, Raphael Hertzog wrote: > > > may "non-critical" or "non-urgent" ? > > I think I would go with non-urgent. > > Perhaps it should also mention point releases? Yeah, it should point to the general process. I'll draft a short text for this during the next weeks. Cheers, Moritz
Bug#868079: Security issues marked as no-dsa are shown as "ignored"
On Mon, 2017-07-17 at 10:32 +0200, Raphael Hertzog wrote: > may "non-critical" or "non-urgent" ? I think I would go with non-urgent. Perhaps it should also mention point releases? -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#868079: Security issues marked as no-dsa are shown as "ignored"
Hi, On Wed, 12 Jul 2017, Paul Wise wrote: > On Wed, Jul 12, 2017 at 6:51 AM, Moritz Muehlenhoff wrote: > > The PTS shows no-dsa security issues as "Ignored security issue", > Do you have an example of a package where this shows up? https://tracker.debian.org/xmlsec1 > > But showing them as ignored is wrong and misleading. > > What wording to replace the current template would you suggest? > > 'nodsa': '{count} ignored security {issue} in {release}', > > Maybe this: > > 'nodsa': '{count} unimportant security {issue} in > {release}', "unimportant" has its own meaning in the security tracker too, so it's not really appropriate. may "non-critical" or "non-urgent" ? Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: https://www.freexian.com/services/debian-lts.html Learn to master Debian: https://debian-handbook.info/get/
Bug#868079: Security issues marked as no-dsa are shown as "ignored"
On Wed, Jul 12, 2017 at 6:51 AM, Moritz Muehlenhoff wrote: > The PTS shows no-dsa security issues as "Ignored security issue", Do you have an example of a package where this shows up? > But showing them as ignored is wrong and misleading. What wording to replace the current template would you suggest? 'nodsa': '{count} ignored security {issue} in {release}', Maybe this: 'nodsa': '{count} unimportant security {issue} in {release}', -- bye, pabs https://wiki.debian.org/PaulWise
Bug#868079: Security issues marked as no-dsa are shown as "ignored"
Package: tracker.debian.org Severity: normal The PTS shows no-dsa security issues as "Ignored security issue", but that's wrong: They are not ignored per se, it only means they don't warrant an immediate DSA. They can stable through a point release or they're lined up, they can be piggybacked on a DSA if a more severe issues comes forth or they can be left unfixed. But showing them as ignored is wrong and misleading. Cheers, Moritz