Re: [SECURITY] [DLA 265-1] unattended-upgrades security update
Hello
Am 03.07.2015 um 13:03 schrieb Mike Gabriel:
> Hi Holger,
>
> On Fr 03 Jul 2015 12:48:06 CEST, Holger Levsen wrote:
>
>> Hi,
>>
>> On Freitag, 3. Juli 2015, Mike Gabriel wrote:
>>> The only way I can think of in terms of making this more fool proof, I
>>> guess, is by rejecting mails to debian-lts-announce if
>>>
>>> o a used DLA has not been reserved via the secure-testing SVN repo
>>> o the DLA has been reserved in the SVN repo, but for another package
>>
>> there is another way, which is probably easier to implement: parse
>> debian-lts-
>> announce mails and automatically add those DLAs to svn if that hasnt
>> been done
>> already.
>
> Yeah, I thought of this approach, as well...
>
> It will not always succeed, though, as there can be (normally is) a
> delay between running bin/genDLA and actually sending the DLA mail.
>
> My delays normally are:
>
> o write up a nice announcement text
> o possibly have lunch break inbetween
> o answer someone's phone or deal with people coming into my office
>
> In the meantime, someone else may have run bin/genDLA as well and
> actually committed the DLA number (I had that once already with Santiago).
>
> I guess we can capture something like 80% of the cases (which is good
> already) by auto-committing DLA's that come in via the d-l-a list, but
> for a 100% fix-up, we may need to bounce mails, it feels.
>
> Though, I am not fully sure here, just lacking imagination here. ;-)
>
Can this svn commit for the DLA number not be done within bin/genDLA ?
Kind regards,
Christian Mack
Reply to: