Hi Sylvian,
thanks for your work! Could you please create a merge request,
so we can discuss this nice improvement there?
Regards
Am Mi., 20. Apr. 2022 um 17:33 Uhr schrieb Sylvain Beucler
<beuc@beuc.net <mailto:beuc@beuc.net>>:
Now with the patch.
On Wed, Apr 20, 2022 at 05:08:20PM +0200, Sylvain Beucler wrote:
> During my last front-desk week I noticed that we tend to miss or
delay
> some buster security updates, in particular those that come in point
> releases, and a few batches of minor postponed fixes. See for
> instance, 'dpdk' [1] or 'mailman' [2].
>
> Attached is a patch to 'bin/lts-cve-triage.py' to help exhibit those
> updates so we schedule them in dla-needed.txt. This includes fixes
> from stable/oldstable point releases or past DSAs, but excludes
issues
> explicitly ignored, and old fixes from back when buster was unstable.
>
> The current output is manageable (40-50 packages), and I plan to trim
> it further down by properly tagging <ignored> some no-dsa issues that
> are not meant to be fixed in stretch (see e.g. 'ark' [3]), and
tagging
> <end-of-life> a few others (e.g. 'node-*').
>
> At this point front-desk can proceed as usual using the enhanced
> 'lts-cve-triage.py' output. Front-desk may need to use 'no-dsa'
> sparingly in the future, in favor of its 'postponed' and 'ignored'
> sub-states [4], so as to better help the tool.
>
> What do you think?
>
> Cheers!
> Sylvain Beucler
> Debian LTS Team
>
> [1]
https://security-tracker.debian.org/tracker/source-package/dpdk
<https://security-tracker.debian.org/tracker/source-package/dpdk>
> [2]
https://security-tracker.debian.org/tracker/source-package/mailman
<https://security-tracker.debian.org/tracker/source-package/mailman>
> [3]
https://security-tracker.debian.org/tracker/source-package/ark
<https://security-tracker.debian.org/tracker/source-package/ark>
> [4]
https://security-team.debian.org/security_tracker.html#issues-not-warranting-a-security-advisory
<https://security-team.debian.org/security_tracker.html#issues-not-warranting-a-security-advisory>