Re: New Security Look
Quoting Darren Benham (gecko@benham.net):
> Well.. I got the old security pages converted to the new look. Now
> I'm going to get the last 6 months of alerts added. In the mean time,
> the existing pages should be onsite in a day or two. I would
> appreciate people going over them and giving me some feedback. Help
> me proofread them. I pretty much blazed over them forcing them in to
> a certain template... Now I need to know how it worked out.
Is what's on www.debian.org/security right now the current version? If
not, ignore the rest of this; if so, some points that need to get taken
care of ASAP: There's a big bold header that says that all of our
security info is out of date. It also refers people to the security list
archives (without providing a link.) But if you click on the archives
for 1998, you get security reports up to sep 22, which is the last
message sent to security-announce. (I.e., the web page _is_ up to date
w/security-announce.) (And why is 1998 in an archive section instead of
being on the first page?)
Suggestions: instead of saying "Stable (alias Hamm)", why not "Debian
2.0 (stable, alias hamm)" or some such. I think having the release
number in there would be nice (IMHO, many non-developers think in terms
of numbers rather than cute codenames.)
Also, how 'bout making it more obvious from the first page whether or
not debian has a problem? (It seems silly to make someone click on the
link just to read that debian is unaffected.) What if it looked like
this:
[22 Sep 1998] tcsh - fix
a buffer overflow
And then, instead of "fix", we could put "alert" if there's no patch
available yet, or "notice" if debian is unaffected.
Mike stone
Reply to: