Re: Draft of announcement for Debian LTS
Hi,
I've incorporated various updates, see new version attached.
On Fri, May 23, 2014 at 12:18:03PM +0100, Dominic Hargreaves wrote:
> On Fri, May 23, 2014 at 11:54:06AM +0200, Moritz Muehlenhoff wrote:
> > please review and comment on attached draft (especially those among you who
> > are native speakers in English). I'm planning to send it on Sunday.
>
> To debian-security-announce and debian-announce?
Yes, I'll send to d-s-a directly and feed this to press@debian.org for a mail
to debian-announce.
> > Anything I'm missing in the annoucement?
>
> A note about what will happen to backports (see my other post) would
> make sense.
I added a note now that Alexander clarified that it will continue to be supported.
> > the initial organisation and setup of Squeeze LTS has now happened and it is ready
> > for taking over security support once the standard security support ends at the
> > end of May. Here's the important information as announced earlier:
> >
> >
> > Information for users
> > =====================
> >
> > You need to enable the apt sources for squeeze-lts manually. Information on how
> > to do this can be found at
> > https://wiki.debian.org/LTS/Development#Add_squeeze-lts_to_your_sources.list
> >
> > You should also subscribe to the new annoucement mailing list for security
> > updates for squeeze-lts:
> > https://lists.debian.org/debian-lts-announce/
> >
> > A few packages are not covered by the Squeeze LTS support. These can be
> > detected with the new tool debian-security-support. Information on how
> > to run it can be found here:
> > https://wiki.debian.org/LTS/Development#Check_for_unsupported_packages
>
> Should this user info be added to
>
> https://www.debian.org/security/
>
> instead of the wiki?
I think until things are sorted out (I expect some additional questions/clarifications
after the public announcement) we should use the wiki as the primary source.
But it would be good to feed this into https://www.debian.org/security/ as well.
Can someone take care of this and work with the Debian WWW team on this
(debian-www@lists.debian.org)?
> > If debian-security-support detects an unsupported package which is critical
> > to you, please get in touch with debian-lts@lists.debian.org (seee below).
> >
> >
> > Information for Debian maintainers
> > ==================================
> >
> > First of all, Debian package maintainers are not expected to work on updates of
> > their packages for squeeze-lts. If you _are_ interested in doing so, you're
> > certainly welcome to do so; everyone in the Debian.org and Debian maintainers
> > key ring can upload to the squeeze-lts suite. Information on how to upload
> > a fixed package can be found at
> > https://wiki.debian.org/LTS/Development#Upload_Packages
>
> It's probably worth making explicit in the introduction who *will* be
> working on the updates if not package maintainers (ie that there is an
> LTS team). Otherwise this section could seem a bit negative from the
> user's point of view.
I've updated the section, does that work for you?
> > Security Tracker
> > ================
> >
> > All information on security in Debian is tracked through the Debian Security Tracker
> > (http://security-tracker.debian.org).
>
> This sentence looks like a previous edit that's no longer needed?
Fixed.
Cheers,
Moritz
Hi,
the initial organisation and setup of Squeeze LTS has now happened and it is ready
for taking over security support once the standard security support ends at the
end of May. Here's the important information as announced earlier:
Information for users
=====================
Support for Squeeze LTS will end five years after the release of Squeeze, i.e.
until the 6th of February 2016.
You need to enable the apt sources for squeeze-lts manually. Information on how
to do this can be found at
https://wiki.debian.org/LTS/Development#Add_squeeze-lts_to_your_sources.list
You should also subscribe to the new annoucement mailing list for security
updates for squeeze-lts:
https://lists.debian.org/debian-lts-announce/
A few packages are not covered by the Squeeze LTS support. These can be
detected with the new tool debian-security-support. Information on how
to run it can be found here:
https://wiki.debian.org/LTS/Development#Check_for_unsupported_packages
If debian-security-support detects an unsupported package which is critical
to you, please get in touch with debian-lts@lists.debian.org (see below).
squeeze-backports will continue to be supported for the lifetime of Squeeze LTS.
Information for Debian maintainers
==================================
First of all, Debian package maintainers are not expected to work on updates of
their packages for squeeze-lts. Package updates for squeeze-lts will be handled
by the Debian LTS team.
However, if you _are_ interested in doing so (and the maintainer always knows
best on a package), you're certainly welcome to do so; everyone in the Debian.org
and Debian maintainers key ring can upload to the squeeze-lts suite. Information
on how to upload a fixed package can be found at
https://wiki.debian.org/LTS/Development#Upload_Packages
Mailing list
============
The whole coordination of the Debian LTS effort is handled through the debian-lts
mailing list:
https://lists.debian.org/debian-lts/
Please subscribe or follow us via GMANE (gmane.linux.debian.devel.lts)
Aside from the debian-lts-announce list, there's also a list for following all
uploads in debian-lts (https://lists.debian.org/debian-lts-changes/).
Security Tracker
================
All information on the status of vulnerabilities (e.g. if the version in squeeze-lts
happens to be unaffected while wheezy is affected) will be tracked in the Debian
Security Tracker:
http://security-tracker.debian.org
If you happen to spot an error in the data, please see
https://security-tracker.debian.org/tracker/data/report
Cheers,
Moritz
Reply to: