[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Publishing advisories for regression updates on the website

Hi Hugo, 

thanks for bringing this up!

On Tue, Oct 15, 2019 at 02:47:56PM +0200, Hugo Lefeuvre wrote:
> it looks like we don't publish advisories for regression updates on the
> website (and neither does the security team).

I believe this is being tracked as #922246 "www/lts: if DLA-1234-1 and
DLA-1234-2 exist, only that last one shows up in indexes" or maybe not?

>We have discussed this on IRC
> yesterday and it seemed consensual that doing it would be a good idea.

same here.

> parse-dla.pl handles regression updates correctly, so we only need to state
> clearly that we either (1) do it or (2) don't do it, and document it in the
> wiki. If we decide to do it, it would be nice to publish missing advisories
> from previous regression updates as well?

yes, I think this would be useful.


       PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Attachment: signature.asc
Description: PGP signature

Reply to: