Re: script to review no-dsa packages fixed in LTS-1 and TLS+1

To: Roberto C. Sánchez <roberto@debian.org>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 7 Jul 2020 17:18:59 +0200
Message-id: <[🔎] 8e67414a-7b54-532a-c17b-49b122663711@debian.org>
In-reply-to: <[🔎] 20200707150037.GP17417@connexer.com>
References: <[🔎] 5bb46b0e-f690-2ca3-affa-bee4c34d44a8@debian.org> <[🔎] 20200707150037.GP17417@connexer.com>

On 07/07/2020 17:00, Roberto C. Sánchez wrote:
> On Tue, Jul 07, 2020 at 04:37:30PM +0200, Emilio Pozuelo Monfort wrote:
>>
>> I've worked on a script to find these cases so they can be reviewed. It doesn't
>> consider packages that have been fixed in lts+1 via unstable, but only those that
>> have been explicitly fixed there via DSA or point release. I could change that, but
>> for now there's enough CVEs to review so let's start with that.
>>
> 
> This sounds very close to the issue lts-team/lts-extra-tasks#11.  You
> made a preliminary comment a week ago saying you would likke into it.
> Would you mind updating that issue with your work-in-progress?

Done. That would be in [1] if anybody feels like reviewing it.

> Also,
> you should consider assigning it to yourself to ensure that there is not
> duplication of effort.

I think I did that :-)

Cheers,
Emilio

[1]
https://salsa.debian.org/security-tracker-team/security-tracker/-/merge_requests/57

Reply to:

References:
- script to review no-dsa packages fixed in LTS-1 and TLS+1
  - From: Emilio Pozuelo Monfort <pochu@debian.org>
- Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
  - From: Roberto C. Sánchez <roberto@debian.org>

Prev by Date: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
Next by Date: Re: supported Ruby packages
Previous by thread: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
Next by thread: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
Index(es):
- Date
- Thread