[Secure-testing-commits] r4087 - data/DTSA website

Neil McGovern neilm at costa.debian.org
Sun May 28 16:22:20 UTC 2006 

Author: neilm
Date: 2006-05-28 16:22:16 +0000 (Sun, 28 May 2006)
New Revision: 4087

Modified:
   data/DTSA/dtsa
   data/DTSA/template
   website/index.html
Log:
Modified various bits and pieces to point at security.d.o instead of the old archive
(sorry it's taken so long, I blame DebConf)


Modified: data/DTSA/dtsa
===================================================================
--- data/DTSA/dtsa	2006-05-28 09:52:47 UTC (rev 4086)
+++ data/DTSA/dtsa	2006-05-28 16:22:16 UTC (rev 4087)
@@ -237,13 +237,9 @@
 	ascii.write("To use the Debian testing security archive, add the following lines to\n")
 	ascii.write("your /etc/apt/sources.list:\n")
 	ascii.write("\n")
-	ascii.write("deb http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free\n")
-	ascii.write("deb-src http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free\n")
+	ascii.write("deb http://security.debian.org/ testing/updates main contrib non-free\n")
+	ascii.write("deb-src http://security.debian.org/ testing/updates main contrib non-free\n")
 	ascii.write("\n")
-	ascii.write("Run the following command as root to make apt trust this repository:\n")
-	ascii.write("\n")
-	ascii.write("wget http://secure-testing-master.debian.net/ziyi-2005-7.asc -O - | sudo apt-key add -\n")
-	ascii.write("\n")
 
 	ascii.write("To install the update, run this command as root:\n")
 	ascii.write("\n")

Modified: data/DTSA/template
===================================================================
--- data/DTSA/template	2006-05-28 09:52:47 UTC (rev 4086)
+++ data/DTSA/template	2006-05-28 16:22:16 UTC (rev 4087)
@@ -30,12 +30,9 @@
 To use the Debian testing security archive, add the following lines to
 your /etc/apt/sources.list:
 
-  deb http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free
-  deb-src http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free
+  deb http://security.debian.org/ testing/updates main contrib non-free
+  deb-src http://security.debian.org/ testing/updates main contrib non-free
 
-The archive signing key can be downloaded from
-http://secure-testing.debian.net/ziyi-2005-7.asc
-
 To install the update, run this command as root:
 
   apt-get update && apt-get install __PACKAGE__

Modified: website/index.html
===================================================================
--- website/index.html	2006-05-28 09:52:47 UTC (rev 4086)
+++ website/index.html	2006-05-28 16:22:16 UTC (rev 4087)
@@ -98,23 +98,6 @@
 	<tt>svn://svn.debian.org/secure-testing/</tt>.
 	</p>
 
-	<h2>secure-testing mirrors</h2>
-
-	<p>The following mirrors are available:</p>
-	<ul>
-	<li>ftp.de.debian.org         (located in Germany)
-	<li>mirror.debianforum.de     (located in Germany)	
-	<li>ftp.nl.debian.org         (located in the Netherlands)
-	<li>the.earth.li              (located in UK)
-	<li>ftp2.jp.debian.org        (located in Japan)
-	<li>farbror.acc.umu.se        (located in Sweden)
-	<li>secure-testing.debian.net (round-robin DNS)
-	</ul>
-	
-	<p>If you want to mirror secure-testing.debian.net,
-	please see <a href="mirroring.html">mirroring.html</a> for detailed information.</p>
-	
-
 	<h2>Uploads to the secure-testing repository</h2>
 
 	<p>
@@ -128,8 +111,8 @@
 		breaking secure-testing too badly with fixes that have not
 		been tested first in unstable.</li>
 		<li>Only make uploads for issues that the testing security
-		team plans to issue a DTSA announcement for. It is best to
-		contact the team first to avoid duplicate work.</li>
+		team plans to issue a DTSA announcement for.
+		Contact the team first to avoid duplicate work.</li>
 		<li>Use a version number that is less than the version
 		number of the fix in unstable, but greater than the version
 		number of the fix in testing. For example, if the fix is in
@@ -147,13 +130,13 @@
 		<li>Test the package.</li>
 		<li>Sign the package. Any Debian developer in the keyring
 		can do so.</li>
-		<li>Upload to <tt>secure-testing-master.debian.net</tt>.
+		<li>Upload to <tt>security-master.debian.org</tt>.
 		Here is a dput.cf snippet for that upload queue:
 		<pre>
-		[secure-testing]
-		fqdn = secure-testing-master.debian.net
+		[secured-testing]
+		fqdn = security-master.debian.org
 		method = ftp
-		incoming = /pub/UploadQueue/
+		incoming = /pub/OpenSecurityUploadQueue/
 		login = anonymous
 		</pre>
 		</li>
@@ -162,34 +145,25 @@
 		list and, it will become available in this apt repository,
 		including builds for all other architectures:
 		<pre>
-		deb http://secure-testing.debian.net/debian-secure-testing etch-proposed-updates/security-updates main contrib non-free
-		deb-src http://secure-testing.debian.net/debian-secure-testing etch-proposed-updates/security-updates main contrib non-free
+		deb http://security.debian.org/ testing/updates main contrib non-free
+		deb-src http://security.debian.org/ testing/updates main contrib non-free
 		</pre>
-		Build logs can be found
-		<a href="http://experimental.debian.net/">here</a> with
-		distribution-name <i>etch-secure</i>.
-		Once everything is ready, contact a team member to issue a
-		DSTA.
+		Build logs are mailed to the team, and must be signed. Once everything is ok, a team member will issue a DTSA.
 		</li>
 	</ol>
 
 	<p>
-	To issue a DTSA, team members follow this checklist:
+	To issue a DTSA, team members follow this checklist (note: this may change once newamber is fixed to use our templates):
 	<ol>
-          	<li>Commit an initial .adv template into SVN to	prevent duplicate work and claim an advisory number
-          	<li>Prepare the update and fill out the .adv template
-          	<li>Make sure everything is ready.
+        <li>Commit an initial .adv template into SVN to	prevent duplicate work and claim an advisory number
+        <li>Prepare the update and fill out the .adv template
+        <li>Make sure everything is ready.
 		<li>cd data/DTSA; ./dtsa -p ADVISORYNUMBER</li>
 		<li>check DTSA-n-1 and DTSA-n-1.html. Remove TODO line for
 		advisory from the list file</li>
 		<li>mv DTSA-n-1.html ../../website/DTSA/</li>
 		<li>cd ../../website; ../bin/updatehtmllist --output list.html ../data/DTSA/list</li>
 		<li>cd ../; svn add website/DTSA/DTSA-n-1.html; svn commit</li>
-		<li>Edit data/DTSA/hints/yourname, and add a hint to make dtsasync
-		propigate the update from etch-proposed-updates to etch.
-		Commit the file and wait 15 minutes for the dtsasync run,
-		then check the <a href="logs/dtsasync">log file</a> and/or
-		upgrade a test machine.</li>
 		<li>cd data/DTSA; ./sndadvisory DTSA-n-1</li>
 		<li>Edit CVE/list and DSA/list to list the version of the
 		package that is in the secure-testing archive as fixing the

More information about the Secure-testing-commits mailing list