[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

The harden-*flaws packages.


I'm the maintainer of the harden-*flaws packages. The idea is to
have conflicts with packages that are known to have security holes.
This is not a big problem for unstable (and mostly for testing)
but now woody have become stable.

So I now ask you what you think. Should I upload updated conflicts
for woody or should I just let it be as is (the packages are
then quite useless in woody). Or should I upload new ones. With
which priority and for what distribution name? "woody-proposed-updates",
"woody", "woody-security-updates" or what?

It would be great if this could be updated along with new
DSA:s being released (yes I can hopefully help with this) but it
also means that I have to move the CVS for the package (and
possibly split it to a flaw-related and a non-flaw-related source

I have prepared new harden packages (for woody, the sid ones is of course
already uploaded) with a updated conflict list (mostly based on the DSA:s)
that I could upload anytime. But first I have to ask if this is ok.

The woody version differs some from the unstable version because of the
fact that different versions is applicable and different version was


// Ola

 --------------------- Ola Lundqvist ---------------------------
/  opal@debian.org                     Björnkärrsgatan 5 A.11   \
|  opal@lysator.liu.se                 584 36 LINKÖPING         |
|  +46 (0)13-17 69 83                  +46 (0)70-332 1551       |
|  http://www.opal.dhs.org             UIN/icq: 4912500         |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /

Reply to: