[Secure-testing-team] DTSA announcements

Stefan Fritsch sf at sfritsch.de
Tue Aug 21 17:30:20 UTC 2007


Hi,

on Tuesday 21 August 2007, Steffen Joeris wrote:
> As we all know, the DTSA announcements to the
> testing-security-announce lists are not send anymore. There was the
> idea of adding a script, which publishes the DTSA in a weekly
> newsletter (or monthly, or $whatever).

As Moritz pointed out, the announcements are of limited value because 
the user needs the normal testing upgrades as well. What would be 
nice would be a weekly overview mail that lists all testing-security 
uploads and all the security fixes that migrated from unstable. If 
such mails were created automatically, we could also have daily mails 
on a separate list for people who want to be informed more quickly.

But the main reason why I stopped sending the mails was that I lacked 
time. If someone else wants to send them, that's fine with me. The 
current procedure is described in website/index.html and 
doc/howto-DTSA in the svn repo. Some things could be more automated, 
but I guess the time would be better spent implementing the weekly 
summaries.

> if there is a script, which adds the md5sum to the package

BTW, we have not sent md5sums in the past and it does not really make 
sense, because people have to use apt anyway to get the other updates 
and secure-apt takes care of the integrity checking.

> It would maybe also be interesting to know, how many people are
> subscribed to the testing-security-announce ml.

Currently around 780.

Cheers,
Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070821/ca0a7f4e/attachment.pgp 


More information about the Secure-testing-team mailing list