Hello Samuel, On 27/08/2024 23:17, Samuel Henrique wrote:
As I've mentioned before, here's the recording of the CVE talk from this year's DebConf, the talk is titled: "Fixing CVEs on Debian: Everything you probably know already" I've provided subtitles (en, pt-br) and chapter markers for the video on YouTube: https://youtu.be/XzNVVILVyUM
Thanks for the talk :) Nice beginner's overview of CVE processes.On a note, maybe I'd emphasizing testing more: there's much screen time about a git-based review workflow and only one slide on testing. In practice I find the opposite: I often spend little DLA time backporting (especially if the change was already identified, backports are most often trivial), and the vast majority of my time actually testing the changes, including manual tests targeting each CVE-impacted area :)
Cheers! Sylvain Beucler Debian LTS Team