[Secure-testing-team] DTSA advisory format

[Anthony DeRobertis]

Moritz Muehlenhoff wrote:

> - The install recommendation uses apt-get install foo. So we'd need to
>   specify a list of all binary names here to properly install the update.
>   Shouldn't we just recommend dist-upgrade instead? (If people use the
>   testing security apt repo they don't have to cherry pick fixes)

apt-get dist-upgrade might very well pull in a lot of stuff which isn't
related to the update (considering testing changes nightly, this is
fairly likely).