Re: security updates of Golang packages

To: Thorsten Alteholz <debian@alteholz.de>
Cc: debian-go@lists.debian.org
Subject: Re: security updates of Golang packages
From: Cyril Brulebois <cyril@debamax.com>
Date: Sun, 24 Apr 2022 14:08:23 +0200
Message-id: <[🔎] 20220424120823.i7kiytz6d2r4o5xg@debamax.com>
In-reply-to: <[🔎] alpine.DEB.2.21.2204241118000.30232@postfach.intern.alteholz.me>
References: <[🔎] alpine.DEB.2.21.2204241118000.30232@postfach.intern.alteholz.me>

Hallo Thorsten,

Thorsten Alteholz <debian@alteholz.de> (2022-04-24):
> some time ago, before the release of Buster, the Release Team and the
> Security Team critizied the missing tooling for security updates of
> Golang packages[1].
> 
> I would like to improve the situation here and try to develop some
> scripts to automatically rebuild/upload affected packages (they are
> basically based on the reverse dependencies detected by ratt). So I
> hope you don't mind if I upload seemingly random packages. The
> corresponding changelog entry should explain what CVE triggered the
> upload.

As a random Go packager, that looks like a terrific idea, thanks for
working on that!


Cheers,
-- 
Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- security updates of Golang packages
  - From: Thorsten Alteholz <debian@alteholz.de>

Prev by Date: security updates of Golang packages
Next by Date: Re: security updates of Golang packages
Previous by thread: security updates of Golang packages
Next by thread: Re: security updates of Golang packages
Index(es):
- Date
- Thread