Moritz Muehlenhoff wrote: > Steffen Joeris wrote: >> On the other hand, I was wondering, >> why we stopped sending DTSA announcements. > > Because it singles out a couple of packages, while you need to update daily > anyway. The majority of all testing fixes are coming through regular > testing migration.
The problem with not sending DTSAs for testing-security is that some people only want to cherry pick packages from testing-security besides daily upgrading testing... > IMO a weekly overview like the SuSE security summaries provide the best > balance. For up-to-date security overview debsecan is available. A weekly security summary might indeed also be a good idea. debsecan needs at least python (besides a MTA when mail is wanted) which is not always wanted... it's also host based which has some advantages, but also some disadvantages... Cheers Luk _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
