[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#907723: link package versions on security-tracker to source packages

Package: security-tracker
Severity: wishlist
X-Debbugs-Cc: debian-lts@lists.debian.org


when working for the LTS team, I regularly need to download source packages from the LTS version of Debian. My development machine normally runs a newer Debian version, having deb-src URLs for Debian LTS in sources.list is possible but not a good option (for me) as it increases latency for apt update.

So, I always go to [1] with my web browser, copy the URL of the .dsc file and then dget that .dsc file.

However, for the actual CVE tracking work, I browse the security-tracker.debian.org platform. This could be my only web tool to use, if it allowed me to download source packages directly from there. Unfortunately, this is not (yet) possible.

On a page like this [2] all package versions of the given package in Debian are listed, so it should be easy to make these version strings clickable hyperrefs that either link to the corresponding page on [1] or even directly to the .dsc file of that version in the package archive (the latter would be my preferred choice).

Is that something that would be helpful to others using the security-tracker? What would be the preferred linking target, if so, then?

Looking forward to some feedback from Security team members and LTS members. I'd be happy to put some work into this, if liked by others.


[1] https://packages.debian.org/source/<lts>/<srcpackage>
[1] https://security-tracker.debian.org/tracker/CVE-2018-10873

mike gabriel, herweg 7, 24357 fleckeby
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

Attachment: pgpVfNy_sSUWz.pgp
Description: Digitale PGP-Signatur

Reply to: