Author: joeyh Date: 2005-08-27 07:20:28 +0000 (Sat, 27 Aug 2005) New Revision: 1667 Modified: website/index.html Log: update Modified: website/index.html ==================================================================--- website/index.html 2005-08-27 04:25:11 UTC (rev 1666) +++ website/index.html 2005-08-27 07:20:28 UTC (rev 1667) @@ -69,8 +69,8 @@ <h1>Uploads to the secure-testing repository</h1> <p> - To upload a package to the secure-testing repository, follow this - checklist: + To upload a package to the secure-testing repository, any Debian + developer may follow this checklist: <ol> <li>Only upload changes that have already been made in unstable and are blocked by reaching testing by some other @@ -79,7 +79,8 @@ breaking secure-testing too badly with fixes that have not been tested first in unstable.</li> <li>Only make uploads for issues that the testing security - team plans to issue a DTSA announcement for.</li> + team plans to issue a DTSA announcement for. It is best to + contact the team first to avoid duplicate work.</li> <li>Use a version number that is less than the version number of the fix in unstable, but greater than the version number of the fix in testing. For example, if the fix is in @@ -90,7 +91,10 @@ <li>Use "testing" as the distribution in the changelog.</li> <li>Build the package in a testing chroot using pbuilder - so that all the dependencies are ok.</li> + so that all the dependencies are ok. Be sure to build with + the -sa switch to include source, unless the source is + already in the secure-testing archive. + </li> <li>Test the package.</li> <li>Sign the package. Any Debian developer in the keyring can do so.</li> @@ -114,15 +118,25 @@ </pre> Build logs can be found <a href="http://experimental.debian.net/">here</a>. + Once everything is ready, contact a team member to issue a + DSTA. </li> - <li> - Once everything is ready, contact a team member to create a DTSA annoucement - (using data/DTSA/mkadvisory), contact a secure-testing-master admin - to move the upload from etch-proposed-updates to + </ol> + + <p> + To issue a DTSA, team members follow this checklist: + <ol> + <li>Make sure everything is ready. + <li>cd data/DTSA; ./mkadvisory</li> + <li>svn add DTSA-n-1; svn commit</li> + <li>Contact a secure-testing-master admin to move the upload from etch-proposed-updates to etch (using something like this, but the procedure is still being worked out: - madison -s etch-proposed-updates -f heidi -S $package | sudo -u katie heidi -a etch) + madison -s etch-proposed-updates -f heidi -S $package | sudo -u katie heidi -a etch; touch /org/secure-testing.debian.net/RUN-DINSTALL) and send the signed DTSA to secure-testing-announce. </li> + <li>Make sure that the debs are in place. Note that + dinstall runs at 20 and 50 past the hour. + <li>cd data/DTSA; ./sndadvisory DTSA-n-1</li> </ol> </p>