[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security information

On Sat, Jan 10, 1998 at 10:50:07AM -0500, James A.Treacy wrote:

> So am I. I hope you have noticed my attempts over the last few months
> to get someone to take care of them. Unfortunately, all that has been

I have to admit that I haven't.  But I remember the discussion we
had with Chris.

> Well that is not strictly true. Before Christmas, Karl Hegbloom
> <karlheg@debian.org> offered. Getting in contact with him to get things
> going was next on my list. I've CCed him with this reply (Karl, please
> subscribe to debian-www). My only reservation with having him do this
> is that he doesn't already subscribe to bugtraq. This job would be
> much less additional work for someone already reading it (it is
> fairly high volume). Can someone post the subscription address for bugtraq?

It's bugtraq-request@netspace.org afaik

> I agree with everything you've posted. I think it includes all the
> criticisms received so far. The page you converted also looks good.

Which one?  Shall I complete convertion so you can replace the
page on va?

> After we have released 2.0 it won't be so critical to note when the
> fixed package makes it into stable as all packages will be libc6 based.
> Do you still think it is important? Also, all the information files
> should go in a subdirectory.

Right after 2.0 is released it's not so important, but just a month
after the releaes it is important.  We might miss another thing like
perl again.

> Joey, if there are any problems with Karl doing the page, would you
> be able to do it?

I could try, but I'm very, very busy at the moment.  I've got several
packages, I'm backup list manager and as Chris is unavailable I feel
as backup security officer, too.  I've running powerpc.debian.org,
m68k.debian.org (well, no work concerned at the moment) and I will
start running sparc.debian.org in a few days.  At least the powerpc
will eat a fair amount of time and I have to finish some things until
31st of january.  Well and I have to organize my exams.

> I'm looking forward to finally getting this resolved. It's been a
> thorn in my side for too long. I'm including the rest of your post
> for the benefit of Karl.

What's the problem with maintaining the pages yourself?  That's quite
easy for you as you only have to watch what comes in from security
managers (better subscribe to several security lists, too).  Then you
"only" have to convert the input you receive to html.  Should not
be too difficult, should it?



  / Martin Schulze  *  joey@infodrom.north.de  *  26129 Oldenburg /
 /              Whenever you meet yourself you're in a time loop /
/ http://home.pages.de/~joey/           or in front of a mirror /

Attachment: pgpI60VwxKKdY.pgp
Description: PGP signature

Reply to: