[Secure-testing-commits] r8409 - doc
thijs at alioth.debian.org
thijs at alioth.debian.org
Tue Mar 25 19:39:40 UTC 2008
Author: thijs
Date: 2008-03-25 19:39:39 +0000 (Tue, 25 Mar 2008)
New Revision: 8409
Modified:
doc/narrative_introduction
Log:
small fixes
Modified: doc/narrative_introduction
===================================================================
--- doc/narrative_introduction 2008-03-25 16:57:23 UTC (rev 8408)
+++ doc/narrative_introduction 2008-03-25 19:39:39 UTC (rev 8409)
@@ -68,15 +68,18 @@
Automatic Issue Updates
-----------------------
Twice a day a cronjob runs that pulls down the latest full CVE lists
-from Mitre, this automatically gets checked into data/CVE/list. We get
-notified via either email
+from Mitre, this automatically gets checked into data/CVE/list, and
+also syncs that file with other lists like data/DSA/list and
+data/DTSA/list.
+
+We get notified via either email
(http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits)
of every SVN commit, by RSS feed
(http://svn.debian.org/wsvn/secure-testing/?op=rss&rev=0&sc=0&isdir=1)
or via the CIA bot on #debian-security on OFTC. For example, the bot
will say in the channel:
-17:14 < CIA-1> joeyh * r2314 /data/CVE/list: automatic CAN database update
+17:14 < CIA-1> joeyh * r2314 /data/CVE/list: automatic update
Most of our work is taking the new issues that Mitre releases and
processing them so that the tracking data is correct. Read on for how we
@@ -192,8 +195,8 @@
not yet added to our tracker:
http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=security;users=debian-security@lists.debian.org;exclude=tracked
-A special exception is made for kernel related issues. The kernel-sec group will take
-care of them and file bugs if needed.
+A special exception is made for kernel related issues. The kernel-sec
+group will take care of them and file bugs if needed.
If a vulnerability does not affect Debian, e.g. because the vulnerable
code is not contained, it is marked as <not-affected>:
@@ -367,8 +370,8 @@
is a 'no-dsa' or 'not-affected' condition.
The bin/dsa2list script can be used to generate a template for a new
-DSA entry once the official DSA is published on the web. You should
-not blindly trust the script output and double-check it, though.
+DSA entry once the official DSA is published on debian-security-announce.
+You should not blindly trust the script output and double-check it, though.
Checking your changes
---------------------
More information about the Secure-testing-commits
mailing list