Re: [debian-pam] Web Page for PAM security compromise
- To: Steve Langasek <vorlon@debian.org>, Sam Hartman <hartmans@debian.org>, don@debian.org, weasel@debian.org, pkg-pam-devel@lists.alioth.debian.org, joeyh@debian.org, debian-www@lists.debian.org
- Subject: Re: [debian-pam] Web Page for PAM security compromise
- From: Simon Paillard <simon.paillard@resel.enst-bretagne.fr>
- Date: Wed, 5 Aug 2009 02:03:45 +0200
- Message-id: <[🔎] 20090805000345.GS25482@dedibox.ebzao.info>
- Mail-followup-to: Steve Langasek <vorlon@debian.org>, Sam Hartman <hartmans@debian.org>, don@debian.org, weasel@debian.org, pkg-pam-devel@lists.alioth.debian.org, joeyh@debian.org, debian-www@lists.debian.org
- In-reply-to: <[🔎] 20090804163934.GB18313@dario.dodds.net>
- References: <tslws5sna8y.fsf@mit.edu> <20090728152540.GB5377@dedibox.ebzao.info> <tslws5s7mce.fsf@mit.edu> <20090729234606.GA28512@dedibox.ebzao.info> <[🔎] 20090802205917.GB23509@dario.dodds.net> <[🔎] 20090803234531.GL25482@dedibox.ebzao.info> <[🔎] 20090804163934.GB18313@dario.dodds.net>
On Tue, Aug 04, 2009 at 05:39:34PM +0100, Steve Langasek wrote:
> On Tue, Aug 04, 2009 at 01:45:31AM +0200, Simon Paillard wrote:
> > > > Here is a skeleton and its HTML output:
> > > > http://europe.ebzao.info/~spaillar/debian/webwml/english/security/pam.wml
> > > > http://europe.ebzao.info/~spaillar/debian/webwml/english/security/pam.en.html
>
> > > The latter link doesn't appear to work?
>
> > A clean was perfomered in the mean time, the html output is back now.
>
> Thanks, that makes it easier to read. :) Filling in the blanks:
>
> XXX -> 1.0.1-6
> $date_X.X.X -> 28 Feb 2009
> YYY -> 1.0.1-9
> ZZZ -> 1.0.1-10
>
> Now, as for the overall content, the first paragraph is very misleading, as
> it implies that all users would have unsecured systems. Only a very small
> minority of users (mainly, those with pathological debconf setups) will be
> affected by the bug. So perhaps this is better?:
[..]
> Thoughts?
Better indeed, draft updated.
I think adding the date of the fix release 1.0.1-10 makes future reading
of this page more comprehensive.
Using DSA templates is not possible here, unless we agree to display
"Debian Security Advisory" as title page..
Regards.
--
Simon Paillard
Reply to: