Date: 2017-08-11 05:39:29 +0000 (Fri, 11 Aug 2017)
New Revision: 54595
Add a couple of code markers for tags and states
Otherwise when converting from markdown to the html page the tag
is used as html tag and not showing up on.
--- doc/security-team.d.o/security_tracker 2017-08-11 05:34:00 UTC (rev
+++ doc/security-team.d.o/security_tracker 2017-08-11 05:39:29 UTC (rev
@@ -211,7 +211,7 @@
the bug report.
If a vulnerability does not affect Debian, e.g., because the vulnerable
-code is not contained, it is marked as <not-affected>:
+code is not contained, it is marked as `<not-affected>`:
CVE-2004-2628 (Multiple directory traversal vulnerabilities in thttpd 2.07
beta 0.4, ...)
- thttpd <not-affected> (Windows-specific vulnerabilities)
@@ -224,7 +224,7 @@
If you don't have time to fully research an issue, but it is abundantly
clear (via CVE text or other announcement) that the issue affects a
-particular package or set of packages, the <undetermined> tag can be
+particular package or set of packages, the `<undetermined>` tag can be
used. This has the advantage of entering the issue earlier in the
output of debsecan and on the PTS pages, which is useful for the small
set of proactive maintainers paying attention to these information
@@ -248,7 +248,7 @@
This is a good place for new contributors to get started since these
are issues that can be pruned quickly for new information that may
not have been known during the initial disclosure, and thus marked
-<unfixed> for further work or closed with a version number. Please
+`<unfixed>` for further work or closed with a version number. Please
add notes if you do change an undetermined issue to unfixed (unless
you're also fixing the issue in the process, which is of course the
ideal way to help/contribute).
@@ -273,7 +273,7 @@
If an issue is discovered in a package that has an RFP or ITP already filed,
then that is also noted in order to track the problem, and made sure it is
resolved before the package enters the archive. These issues are marked with
-the <itp> tag. Note this includes both ITPs and RFPs since (from a security
+the `<itp>` tag. Note this includes both ITPs and RFPs since (from a security
tracking standpoint) there is no advantage in tracking them in separate ways.
An example entry for an ITP/RFP package is:
@@ -352,7 +352,7 @@
Two sub-states exists: `<ignored>` and `<postponed>`.
-If an issue will further be ignored the <ignored> state is used.
+If an issue will further be ignored the `<ignored>` state is used.
If an issue deserves an update via a security advisory, but it is not needed to
release an advisory just because of this issue, rather than `<no-dsa>` the
Secure-testing-commits mailing list