Re: [debian-pam] Web Page for PAM security compromise

[Simon Paillard <simon.paillard@resel.enst-bretagne.fr>]

On Tue, Aug 04, 2009 at 05:39:34PM +0100, Steve Langasek wrote:
> On Tue, Aug 04, 2009 at 01:45:31AM +0200, Simon Paillard wrote:
> > > > Here is a skeleton and its HTML output:
> > > > http://europe.ebzao.info/~spaillar/debian/webwml/english/security/pam.wml
> > > > http://europe.ebzao.info/~spaillar/debian/webwml/english/security/pam.en.html
> 
> > > The latter link doesn't appear to work?
> 
> > A clean was perfomered in the mean time, the html output is back now.
> 
> Thanks, that makes it easier to read. :)  Filling in the blanks:
> 
>   XXX -> 1.0.1-6
>   $date_X.X.X -> 28 Feb 2009
>   YYY -> 1.0.1-9
>   ZZZ -> 1.0.1-10
> 
> Now, as for the overall content, the first paragraph is very misleading, as
> it implies that all users would have unsecured systems.  Only a very small
> minority of users (mainly, those with pathological debconf setups) will be
> affected by the bug.  So perhaps this is better?:
[..] 
> Thoughts?

Better indeed, draft updated.

I think adding the date of the fix release 1.0.1-10 makes future reading
of this page more comprehensive.
Using DSA templates is not possible here, unless we agree to display
"Debian Security Advisory" as title page..

Regards.

-- 
Simon Paillard