Re: Stretch 9.2 announcement: dead link for ruby-rack-cors DSA

To: Moritz Mühlenhoff <jmm@inutil.org>
Cc: "Adam D. Barratt" <adam@adam-barratt.org.uk>, debian-www@lists.debian.org, team@security.debian.org
Subject: Re: Stretch 9.2 announcement: dead link for ruby-rack-cors DSA
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 11 Oct 2017 22:59:19 +0200
Message-id: <[🔎] 20171011205919.brbflizg3bffa4sr@eldamar.local>
Mail-followup-to: Moritz Mühlenhoff <jmm@inutil.org>, "Adam D. Barratt" <adam@adam-barratt.org.uk>, debian-www@lists.debian.org, team@security.debian.org
In-reply-to: <[🔎] 20171011203905.3mhfdsdi4hel6ef4@pisco.westfalen.local>
References: <[🔎] 20171011220844.7f1a9217208fb8d85421641e@wansing-online.de> <[🔎] 1507752908.18586.115.camel@adam-barratt.org.uk> <[🔎] 20171011202932.qv2evw4namxs2ybc@eldamar.local> <[🔎] 20171011203905.3mhfdsdi4hel6ef4@pisco.westfalen.local>

Hi

On Wed, Oct 11, 2017 at 10:39:05PM +0200, Moritz Mühlenhoff wrote:
> On Wed, Oct 11, 2017 at 10:29:32PM +0200, Salvatore Bonaccorso wrote:
> > Hi Adam,
> > 
> > On Wed, Oct 11, 2017 at 09:15:08PM +0100, Adam D. Barratt wrote:
> > > On Wed, 2017-10-11 at 22:08 +0200, Holger Wansing wrote:
> > > > at https://www.debian.org/News/2017/20171007 the DSA link for ruby-
> > > > rack-cors
> > > > is dead:
> > > > 
> > > > https://www.debian.org/security/2017/dsa-3931
> > > > 
> > > > There is no such DSA.
> > > > And also no such announcement on https://lists.debian.org/debian-secu
> > > > rity-announce/
> > > > 
> > > 
> > > It's in DSA/list in the secure-testing repository:
> > > 
> > > [10 Aug 2017] DSA-3931-1 ruby-rack-cors - security update
> > >         {CVE-2017-11173}
> > >         [stretch] - ruby-rack-cors 0.4.0-1+deb9u1
> > > 
> > > which is where the stable tools got the information from to begin with.
> > > 
> > > The package is also in http://security.debian.org/debian-security/pool/
> > > updates/main/r/ruby-rack-cors/
> > > 
> > > So it looks like the announcement went missing somehow. team@security
> > > CCed for comment.
> > 
> > Indeed, it looks that the announcement at least never arived in d-s-a.
> > 
> > I wonder if after two monts now it makes still sense to send the
> > advisory or at least just import the text for the website.
> 
> That's the DSA text, no idea why it got lost. Surely doesn't make sense to
> re-send it two months later:

I imported the text into webwml repository, so at least the webpage
will show up. 

Regards,
Salvatore

Reply to:

References:
- Stretch 9.2 announcement: dead link for ruby-rack-cors DSA
  - From: Holger Wansing <linux@wansing-online.de>
- Re: Stretch 9.2 announcement: dead link for ruby-rack-cors DSA
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: Stretch 9.2 announcement: dead link for ruby-rack-cors DSA
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: Stretch 9.2 announcement: dead link for ruby-rack-cors DSA
  - From: Moritz Mühlenhoff <jmm@inutil.org>

Prev by Date: Re: Stretch 9.2 announcement: dead link for ruby-rack-cors DSA
Next by Date: Re: Problem with WiFi
Previous by thread: Re: Stretch 9.2 announcement: dead link for ruby-rack-cors DSA
Next by thread: Problem with WiFi
Index(es):
- Date
- Thread