[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Thomas Lange] upcoming changes of the web pages /security and /lts/security



В скором времени переводов рекомендаций по безопасности не будет. См.
ниже.

Всего наилучшего,
Лев

-------------------- Start of forwarded message --------------------
From: Thomas Lange <lange@cs.uni-koeln.de>
Date: Thu, 7 Dec 2023 20:38:05 +0100
To: debian-i18n@lists.debian.org, debian-www@lists.debian.org
Subject: upcoming changes of the web pages /security and /lts/security
CC: security@debian.org, lts-security@debian.org

Hi all,

in the past, all security related lists (like the N recent security
advisories, crossreferences, RSS feeds, OVAL) were using the .wml and
.data files which exists for each DSA and DLA. These two files are
still created manually for each DSA and DLA.

After talking to the security team, my goal is to remove the need of
this manuall work and generate all information automatically from the
primary security sources from the Debian Security Tracker. This also
makes the security information more early available to our users
without waiting for someone to prepare the .wml and .data files.


The changes will affect the webwml repository under /security/ and
/lts/security/.


What's already done

- The new lists of DSA/DLA are currently available under
  https://www.debian.org/security/new.html#DSAS
  https://www.debian.org/lts/security/new.html#DLAS

  The two new.html pages will replace the current index.html pages
  https://www.debian.org/security/index.html      and
  https://www.debian.org/lts/security/index.html

- The new list of recent security announcements now includes a
  link to the security tracker and the original announcement
  mails. The later link is a complete new feature of the web pages.

- The RSS security feeds for DSA and DLA are not generated from the
  .wml/.data files any more but using our new script mk-dsa-dla-list.
  The RSS content now includes a link to the security tracker and to the
  announcement mail.
  Since the change on Nov 16th we did not get any complaint about this.

- The OVAL files are generated without using the .data and .wml files.
  We now parse DebianSecTracker.json and /data/DSA/list from the sec-tracker
  Thanks to Carsten for implementing this. The OVAL XML files have now
  less errors but still aren ot perfect, because they never included
  information from DLA for older releases.

- A new collection of sources of security information
  https://www.debian.org/security/new.html#infos
  including examples how to access DSA, DLA and CVE information.


TODO:

- security/new.wml and lts/security/new.wml will replace the corresponding index.wml
- we need more translations for these two new wml files (hints for
  translators see below)
- The crossreferences will be removed an can easily replaced by using
  data/DSA/list which is easy to parse and read.

- Create new apache redirects. Currently we have
  www.d.org/security/dsa-<number> (only lowercase)
  to www.d.o/security/<year>/dsa-<number>
- Currently there's no similar redirect for the DLA
- NEW redirects
  redirect www.d.org/security/dsa-<number> to the announcement mail at
  lists.debian.org/debian-security-announce/<year>/<message-id>
  A script for generating the map file already exists.
  We will do this also for the DLA.

- all security/<year>/, key-rollover/ and undated/ files will be removed
- We will keep 2020-GRUB-UEFI-SecureBoot/ and 2021-GRUB-UEFI-SecureBoot/
- No more translations of security advisories are needed
  In 2023 only we had only french translations of the DSA/DLA. No
  other language did any translation of these information in 2023.
  French indeed translated ALL DSA/DLA. Wow!
  Thanks a lot to the french translators for this great work.
- We will keep the sec announcements and translations of 2023 for
  another 6 month before deleting them.
  Older translations will be removed in a few weeks after all changes
  were made.

- The translators are asked to prepare security/new.wml
  and lts/security/new.wml for their language. We will remove the old
  index.wml for languages which do not provide translations for the
  new pages.

  Here are some more infos, how I created the new.wml files:

  english/security/new.wml is a copy of english/security/index.wml with some changes.
  You will see the change history (including a rename from dsa.wml to new.wml) by
    $ git log -p --follow 3160b3931961~1.. new.wml

  For lts/security/new.wml use
    $ git log -p --follow a1010f1cb6fd~1.. new.wml



A side effect of the removal of the thousands of DSA/DLA will be that
our search engine will present better results. For e.g. if you search
for "security AND tracker" most results (of the 2000) are links to DSA
and DLA, but no information about our security tracker.
another e.g. for bad search result: "firefox" the first 10 hits you get are DSA from 2005 to 2007
another e.g.: search for "gnome" will list a lot of old DSA for icewaesel, icedove and other packages

If you have any comments, feel free to contact me.

-- 
best regards Thomas

-------------------- End of forwarded message --------------------


Reply to: