Your message dated Sun, 17 Feb 2019 13:34:11 +0000 with message-id <E1gvMaB-0005lZ-IZ@fasolo.debian.org> and subject line Bug#839885: fixed in developers-reference 3.4.23 has caused the Debian Bug report #839885, regarding developers-reference: reintroducing packages: update security issue metadata to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 839885: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839885 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: developers-reference: reintroducing packages: update security issue metadata
- From: Paul Wise <pabs@debian.org>
- Date: Thu, 06 Oct 2016 13:13:34 +0800
- Message-id: <1475730814.13498.6.camel@debian.org>
Package: developers-reference Severity: wishlist X-Debbugs-CC: security@debian.org I would like to add a paragraph to the section about reintroducing packages so that people reintroducing packages check the security tracker metadata for the old package and update the metadata once it gets reintroduced to Debian. https://www.debian.org/doc/manuals/developers-reference/pkgs.html#reintroducing-pkgs I propose the following text, please wait for an ack from the security team before adding it to devref. Package removals from unstable also trigger marking the package as removed in the security tracker. Debian members should [mark removed issues as unfixed][1] in the security tracker repository and all others should contact[2] the security team to report reintroduced packages. 1. https://security-team.debian.org/security_tracker.html#removed-packages 2. https://security-tracker.debian.org/tracker/data/report -- bye, pabs https://wiki.debian.org/PaulWiseAttachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---
- To: 839885-close@bugs.debian.org
- Subject: Bug#839885: fixed in developers-reference 3.4.23
- From: Holger Levsen <holger@debian.org>
- Date: Sun, 17 Feb 2019 13:34:11 +0000
- Message-id: <E1gvMaB-0005lZ-IZ@fasolo.debian.org>
Source: developers-reference Source-Version: 3.4.23 We believe that the bug you reported is fixed in the latest version of developers-reference, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 839885@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Holger Levsen <holger@debian.org> (supplier of updated developers-reference package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 17 Feb 2019 13:44:03 +0100 Source: developers-reference Architecture: source Version: 3.4.23 Distribution: unstable Urgency: medium Maintainer: Developers Reference Maintainers <debian-policy@lists.debian.org> Changed-By: Holger Levsen <holger@debian.org> Closes: 376590 430889 483232 494470 775740 817914 839885 855320 908155 Changes: developers-reference (3.4.23) unstable; urgency=medium . [ Holger Wansing ] * Globally change "new maintainer" into "new member". Closes: #817914. . [ Holger Levsen ] * scope.dbk: extend: s#Debian developers#Debian developers and maintainers# * tools.dbk: - stop recommending remote signing of packages, especially using debrsign. Closes: #855320. Thanks to Daniel Kahn Gillmor. - slightly reword existing paragraph about dch and debchange. Closes: #494470. * best-pkging-practices.dbk: add another example of a multi binary source package. Closes: #430889. * l10n.dbk: drop paragraph about Debian specific manpages maintained in cvs. * developer-duties.dbk: improve paragraph about coordinating with upstreams. Closes: #908155. Thanks to Ian Jackson and Wouter Verhelst for the wording. * pkgs.dbk: - clarify the recipients of 123-submitter@b.d.o. Closes: #775740. Thanks to Josch Schauer for the wording. - don't suggest to test downgrading packages. Closes: #376590. Thanks to Justin Pryzby. - add a paragraph to the section about reintroducing packages to check and update the security tracker metadata. Closes: #839885. Thanks to Paul Wise. * beyond-pkging.dbk: mention mass-bugs for reporting bugs against many packages. Closes: #483232. Thanks to Sandro Tosi for the suggestion. * common.ent: - drop url-cvsweb. - switch five http urls to https, leaving one http url. * d/control: mark all binary packages as multiarch: foreign. * Update po4a/po/developers-reference.pot and po4a/po/*.po for the new and changed strings. * README.contributing: - renamed from README-contrib. - update instructions how to update .po files. * d/TODO: remove some ancient entries and clarify that only the BTS should be used in the long term. Checksums-Sha1: dba327e74fe2ec51e98c6bf7a72c4c8ed742a78a 2398 developers-reference_3.4.23.dsc b83a10cf5cb15bd841e2d8bcb2787d286f85199c 671300 developers-reference_3.4.23.tar.xz 4962327916996a353f4efcd7cad927c31c02fdd6 5187 developers-reference_3.4.23_source.buildinfo Checksums-Sha256: b88ea3b436d735fdaaf022c9c26c099f374f2bcf9dd89db6a2813ddfd76ce90f 2398 developers-reference_3.4.23.dsc 9abe6d60c2975bcf7cd25e930d6d0f1b0f6d150a41f41d09d3cd36115dde2477 671300 developers-reference_3.4.23.tar.xz 013c4eccc6a890552db717cd51cd555de56705dbede2c78644f821b86db14bc1 5187 developers-reference_3.4.23_source.buildinfo Files: 8c01664a739cc087e8f72d5aa3d394ef 2398 doc optional developers-reference_3.4.23.dsc fb58bbc7005b1138a860805fdb8e76da 671300 doc optional developers-reference_3.4.23.tar.xz 136e8bd2cdf29eeb8cae33094c999338 5187 doc optional developers-reference_3.4.23_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAlxpW1UACgkQCRq4Vgaa qhwoOw/8C5bb4KxQuciKRuTJIQ4ns4H76V8UFHJafR8iVym/iXIgm2xf9XRaHrz1 psRIZVroGJiyDjLy7ZaFaePgsod/aLAlGeerx2hEH1niWJDj0lItR+6UcCvDJuV+ mpWb/3565dbb78n5C/lhgg2E7D2AqGq4WcUHU8UxGH67+/oetG0yo0WJ/SMdcB6E scHXk53byImiridkPiOnCtKlHb+UMy0/Llm7MZX9/tSTj+mASo3fjy/LGoaQpzFk hdxKr+hAumAxbzTD8ohyi7dPq9fe5zNvMJ6eVgO46SNnYDwXGFTxC5yia/58m3Vm ky1e2fY7vdPEdABTXlVp+2FJ0jacjIBljdkm2C+d0571ZgjADBZ128u3D6t2xw7g hMzGNnOD7glqZyz/Nq1H4srMWNhTQf3q9D8cFdmIYfHW+7bmrGvqvL6PblghKCJg ntX4t23utp/tOWI8SiaPyKjrH2ZuK/ibJ1/X836/I+b6Js4jVaU9haLyPS2J9kMy FO8slTAtqir7CU5CDcDf7jJ8VuFpJ0lkys7NS0L5bH0eEkrvd0yP3GVq0zoM73Ib k02QETc/TRzqIjlPeMpn9zIwWV7SgWDNLCxYO8lOksHaSWv4Yt0nEcd3eDhYp5G+ OFuU8acYQiMhwpht8pDTXSMFoqdTUNzaj90FqzbXHyuU/m3Df1Q= =l6/N -----END PGP SIGNATURE-----
--- End Message ---