Author: fw
Date: 2006-03-11 18:27:37 +0000 (Sat, 11 Mar 2006)
New Revision: 3594
Modified:
bin/tracker_service.py
Log:
Incorporate Micah''s changes.
bin/tracker_service.py (TrackerService.page_home):
Modernize.
(TrackerService.page_report):
New page.
Modified: bin/tracker_service.py
==================================================================---
bin/tracker_service.py 2006-03-11 18:26:28 UTC (rev 3593)
+++ bin/tracker_service.py 2006-03-11 18:27:37 UTC (rev 3594)
@@ -103,6 +103,7 @@
self.register(''data/funny-versions'',
self.page_data_funny_versions)
self.register(''data/fake-names'',
self.page_data_fake_names)
self.register(''debsecan/**'', self.page_debsecan)
+ self.register(''data/report'', self.page_report)
def page_home(self, path, params, url):
query = params.get(''query'',
('''',))[0]
@@ -115,14 +116,26 @@
return self.create_page(
url, ''Security Bug Tracker'',
[P(
- """This is the experimental issue tracker for
Debian''s testing
-security team. Keep in mind that this is merely a prototype.
-Please report any problems to """,
- A("mailto:fw@deneb.enyo.de", "Florian Weimer"),
- """.Note that some of the data presented here is
known
-to be wrong (see below), but the data for the testing suite
-should be fine."""),
- make_menu(
+ """The data in this tracker comes solely from the
bug database maintained
+by Debian''s security team located in the testing-security Subversion
""",
+ A("http://svn.debian.org/wsvn/secure-testing/data",
"repository"),
+ """. The data represented here is derived from:
""",
+ A("http://www.debian.org/security/#DSAS",
"DSAs"),
+ """ issued by the Security Team; issues tracked in
the """,
+ A("http://www.cve.mitre.org/cve/index.html", "CVE
database"),
+ """, issues tracked in the """,
+ A("http://nvd.nist.gov/", "National Vulnerability
Database"),
+ """ (NVD), maintained by NIST; and security issues
+discovered in Debian packages as reported in the BTS."""),
+ P("""All exteral data (including Debian bug reports
and official Debian
+security advisories) must be added to this database before it appears
+here. Please help us keep this information up-to-date by""",
+ A(url.scriptRelative("data/report"),
"reporting"),
+ """ any discrepancies or change of states that
you are
+aware of and/or help us improve the quality of this information by
""",
+ A(url.scriptRelative("data/report"),
"participiating"),
+ "."),
+ make_menu(
url.scriptRelative,
(''status/release/unstable'',
''Vulnerable packages in the unstable suite''),
@@ -150,21 +163,6 @@
P("""(You can enter CVE names, Debian bug numbers
and package
names in the search forms.)"""),
- H2("Data sources"),
- P("""Data in this tracker comes solely from the bug
database
-which is maintained by Debian''s testing security team in their
-Subversion repository. All external data (this includes
-Debian bug reports and official Debian security advisories)
-must be added to this database before it appears here, and there
-can be some delay before this happens."""),
- P("""At the moment, the database only contains
information which is
-relevant for tracking the security status of the stable, testing and
-unstable suites. This means that data for oldstable is likely
wrong."""),
- P(''Data marked "NVD" comes from the '',
- A(url.absolute(''http://nvd.nist.gov/''),
- ''National Vulnerability Database''),
- '' maintained by NIST.''),
-
H2("External interfaces"),
P("""If you want to automatically open a relevant
web page for
some object, use the """,
@@ -446,6 +444,40 @@
'' matched no results.'')],
status=404)
+ def page_report(self, path, params, url):
+ return self.create_page(
+ url, ''Reporting discrepancies in the data'',
+ [P("""The data in this tracker is always in flux, as
bugs are fixed and new
+issues disclosed, the data contained herein is updated. We strive to
+maintain complete and accurate state information, and appreciate any
+updates in status, information or new issues."""),
+ P("There are three ways that you can report updates to this
information:"),
+ make_numbered_list(
+ [P("""IRC: We can be found at """,
+ CODE("irc.oftc.net"),
+ ", ",
+ CODE("#debian-security"),
+ """. If you have information to report, please go ahead and
join
+the channel and tell us. Please feel free to state the issue,
+regardless if there is someone who has acknowledged you. Many of us
+idle on this channel and may not be around when you join, but we read
+the backlog and will see what you have said. If you require a
+response, do not forget to let us know how to get a hold of
you."""),
+ P("Mailing list: Our mailing list is: ",
+
A("mailto:secure-testing-team@lists.alioth.debian.org",
+ "secure-testing-team@lists.alioth.debian.org")),
+ P("""Helping out: We welcome people who wish to
join us in tracking
+issues. The process is designed to be easy to learn and participate,
+please read our """,
+
A("http://svn.debian.org/wsvn/secure-testing/doc/narrative_introduction",
+ "Introduction"),
+ """ to get familiar with how things work. Join
us on
+our mailing list, and on IRC and request to be added to the Alioth
""",
+ A("http://alioth.debian.org/projects/secure-testing/",
"project"),
+ """. We are really quite friendly. If you have a
+question about how things work, don''t be afraid to ask, we would like
+to improve our documentation and procedures, so feedback is
welcome.""")])])
+
def page_source_package(self, path, params, url):
pkg = path[0]