Re: reportbug: please inform security and lts teams about security update regressions
- To: 878088@bugs.debian.org, apo@debian.org
- Cc: Debian LTS <debian-lts@lists.debian.org>, "team@security.debian.org" <team@security.debian.org>, geissert@debian.org, agx@sigxcpu.org
- Subject: Re: reportbug: please inform security and lts teams about security update regressions
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Sun, 10 Dec 2017 12:51:38 +0100
- Message-id: <[🔎] 20171210115138.GA19589@eldamar.local>
- Mail-followup-to: 878088@bugs.debian.org, apo@debian.org, Debian LTS <debian-lts@lists.debian.org>, "team@security.debian.org" <team@security.debian.org>, geissert@debian.org, agx@sigxcpu.org
- In-reply-to: <[🔎] 20171210090055.GB30428@eldamar.local>
- References: <687054c7-d52a-786c-a0f2-93985d87d0fe@debian.org> <[🔎] ad8060ab-29df-fed0-5bac-6d3c331731d1@debian.org> <[🔎] 20171210090055.GB30428@eldamar.local>
Hi
On Sun, Dec 10, 2017 at 10:00:55AM +0100, Salvatore Bonaccorso wrote:
> Hi
>
> Cc'ing explicitly Guido and Raphael, who commented before.
>
> On Sat, Dec 09, 2017 at 03:25:14PM +0100, Markus Koschany wrote:
> > Hi,
> >
> > I have updated my patch for reportbug. Now emails are sent only to one
> > of the team mailing lists based on the release number in the version
> > string. There is apparently no simple way to determine the relationship
> > between release number, code name, suite and whether this is a LTS
> > release. So we came up with a simple json file which provides this kind
> > of information and can be adjusted as time goes by. We think that
> > security-tracker.debian.org would be a good place for this file but I'd
> > appreciate it if someone from the security team told us the exact location.
> >
> > See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878088#45
>
> So let me first understand the information you would need from that
> file (here in sort-of-yaml):
>
> ----cut---------cut---------cut---------cut---------cut---------cut-----
> wheezy:
> major-version: 7
> support: lts
> jessie:
> major-version: 8
> support: security
> stretch:
> major-version: 9
> support: security
> buster:
> major-version: 10
> support: none
> bullseye:
> major-version: 11
> support: none
> ----cut---------cut---------cut---------cut---------cut---------cut-----
But rather in JSON than YAML. Florian would not recommend using YAML, and
furthermore it's more consistent with the tracker itself.
----cut---------cut---------cut---------cut---------cut---------cut-----
{
"wheezy": {
"major-version": "7",
"support": "lts"
},
"jessie": {
"major-version": "8",
"support": "security"
},
"stretch": {
"major-version": "9",
"support": "security"
},
"buster": {
"major-version": "10",
"support": "none"
},
"bullseye": {
"major-version": "11",
"support": "none"
}
}
----cut---------cut---------cut---------cut---------cut---------cut-----
and beeing accessible under https://security-tracker.debian.org/tracker/distributions.json
Regards,
Salvatore
Reply to: