[Secure-testing-team] Tracker implementation support

Micah Anderson micah at riseup.net
Fri Mar 10 16:45:50 UTC 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Moritz Muehlenhoff wrote:
> Florian Weimer wrote:
> 
>>Is anybody interested in contributing to the implementation of the web
>>front end?

I mostly am not able to... However, I did want to suggest some wording
changes to the front page so we could get the tracker underneath a
debian.org address (as discussed at the previous meeting).


Suggestions for re-wording:

1. Instead of this:

This is the experimental issue tracker for Debian's testing security
team. Keep in mind that this is merely a prototype. Please report any
problems to Florian Weimer.Note that some of the data presented here is
known to be wrong (see below), but the data for the testing suite should
be fine.

replace with:

Welcome to the Debian security tracker!

The data in this tracker comes solely from the bug database maintained
by Debian's security team located in the testing-security Subversion
[1]repository. The data represented here is derived from: [2]DSAs issued
by the Security Team; issues tracked in the [3]CVE database, issues
tracked in the [4]National Vulnerability Database (NVD), maintained by
NIST; and security issues discovered in Debian packages as reported in
the BTS.

All exteral data (including Debian bug reports and official Debian
security advisories) must be added to this database before it appears
here. Please help us keep this information up-to-date by[5]reporting any
discrepancies or change of states that you are aware of and/or help us
improve the quality of this information by [5]participating.

(cut out the "Data sources" section as this is now redundant)

The following are the hyperlinks for the above:
1. http://svn.debian.org/wsvn/secure-testing/data
2. http://www.debian.org/security/#DSAS
3. http://www.cve.mitre.org/cve/index.html
4. http://nvd.nist.gov/
5. http://idssi.enyo.de/tracker/report

The page http://idssi.enyo.de/tracker/report would then contain the
following information:

Reporting discrepancies in the data
- -----------------------------------

The data in this tracker is always in flux, as bugs are fixed and new
issues disclosed, the data contained herein is updated. We strive to
maintain complete and accurate state information, and appreciate any
updates in status, information or new issues.



There are three ways that you can report updates to this information:

1. IRC: We can be found at irc.oftc.net, #debian-security. If you have
information to report, please go ahead and join the channel and tell us.
Please feel free to state the issue, regardless if there is someone who
has acknowledged you. Many of us idle on this channel and may not be
around when you join, but we read the backlog and will see what you have
said. If you require a response, do not forget to let us know how to get
a hold of you.

2. Mailing list: Our mailing list is:
secure-testing-team at lists.alioth.debian.org


3. Helping out: We welcome people who wish to join us in tracking
issues. The process is designed to be easy to learn and participate,
please read our [6]Introduction to get familiar with how things work.
Join us on our mailing list, and on IRC and request to be added to the
Alioth [7]project. We are really quite friendly. If you have a question
about how things work, don't be afraid to ask, we would like to improve
our documentation and procedures, so feedback is welcome.


6. http://svn.debian.org/wsvn/secure-testing/doc/narrative_introduction
7. http://alioth.debian.org/projects/secure-testing/


Micah
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFEEa0+9n4qXRzy1ioRAhaqAJ0TMgI3XpBoaxGdAgZz7BzR0ZC1ugCgqCaR
xEbYdTP4KCCx0mp/elAv/8Q=
=tAed
-----END PGP SIGNATURE-----

More information about the Secure-testing-team mailing list