Re: [debian-pam] Web Page for PAM security compromise
- To: Steve Langasek <email@example.com>, Sam Hartman <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com
- Subject: Re: [debian-pam] Web Page for PAM security compromise
- From: Simon Paillard <firstname.lastname@example.org>
- Date: Wed, 5 Aug 2009 02:03:45 +0200
- Message-id: <[🔎] 20090805000345.GS25482@dedibox.ebzao.info>
- Mail-followup-to: Steve Langasek <email@example.com>, Sam Hartman <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com
- In-reply-to: <[🔎] 20090804163934.GB18313@dario.dodds.net>
- References: <firstname.lastname@example.org> <20090728152540.GB5377@dedibox.ebzao.info> <email@example.com> <20090729234606.GA28512@dedibox.ebzao.info> <[🔎] 20090802205917.GB23509@dario.dodds.net> <[🔎] 20090803234531.GL25482@dedibox.ebzao.info> <[🔎] 20090804163934.GB18313@dario.dodds.net>
On Tue, Aug 04, 2009 at 05:39:34PM +0100, Steve Langasek wrote:
> On Tue, Aug 04, 2009 at 01:45:31AM +0200, Simon Paillard wrote:
> > > > Here is a skeleton and its HTML output:
> > > > http://europe.ebzao.info/~spaillar/debian/webwml/english/security/pam.wml
> > > > http://europe.ebzao.info/~spaillar/debian/webwml/english/security/pam.en.html
> > > The latter link doesn't appear to work?
> > A clean was perfomered in the mean time, the html output is back now.
> Thanks, that makes it easier to read. :) Filling in the blanks:
> XXX -> 1.0.1-6
> $date_X.X.X -> 28 Feb 2009
> YYY -> 1.0.1-9
> ZZZ -> 1.0.1-10
> Now, as for the overall content, the first paragraph is very misleading, as
> it implies that all users would have unsecured systems. Only a very small
> minority of users (mainly, those with pathological debconf setups) will be
> affected by the bug. So perhaps this is better?:
Better indeed, draft updated.
I think adding the date of the fix release 1.0.1-10 makes future reading
of this page more comprehensive.
Using DSA templates is not possible here, unless we agree to display
"Debian Security Advisory" as title page..