Hi Hugo,
thanks for bringing this up!
On Tue, Oct 15, 2019 at 02:47:56PM +0200, Hugo Lefeuvre wrote:
> it looks like we don't publish advisories for regression updates on the
> website (and neither does the security team).
I believe this is being tracked as #922246 "www/lts: if DLA-1234-1 and
DLA-1234-2 exist, only that last one shows up in indexes" or maybe not?
>We have discussed this on IRC
> yesterday and it seemed consensual that doing it would be a good idea.
same here.
> parse-dla.pl handles regression updates correctly, so we only need to state
> clearly that we either (1) do it or (2) don't do it, and document it in the
> wiki. If we decide to do it, it would be nice to publish missing advisories
> from previous regression updates as well?
yes, I think this would be useful.
--
cheers,
Holger
-------------------------------------------------------------------------------
holger@(debian|reproducible-builds|layer-acht).org
PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
Attachment:
signature.asc
Description: PGP signature