Author: neilm
Date: 2006-05-28 16:22:16 +0000 (Sun, 28 May 2006)
New Revision: 4087
Modified:
data/DTSA/dtsa
data/DTSA/template
website/index.html
Log:
Modified various bits and pieces to point at security.d.o instead of the old
archive
(sorry it''s taken so long, I blame DebConf)
Modified: data/DTSA/dtsa
==================================================================---
data/DTSA/dtsa 2006-05-28 09:52:47 UTC (rev 4086)
+++ data/DTSA/dtsa 2006-05-28 16:22:16 UTC (rev 4087)
@@ -237,13 +237,9 @@
ascii.write("To use the Debian testing security archive, add the
following lines to\n")
ascii.write("your /etc/apt/sources.list:\n")
ascii.write("\n")
- ascii.write("deb http://secure-testing.debian.net/debian-secure-testing
etch/security-updates main contrib non-free\n")
- ascii.write("deb-src
http://secure-testing.debian.net/debian-secure-testing etch/security-updates
main contrib non-free\n")
+ ascii.write("deb http://security.debian.org/ testing/updates main contrib
non-free\n")
+ ascii.write("deb-src http://security.debian.org/ testing/updates main
contrib non-free\n")
ascii.write("\n")
- ascii.write("Run the following command as root to make apt trust this
repository:\n")
- ascii.write("\n")
- ascii.write("wget http://secure-testing-master.debian.net/ziyi-2005-7.asc
-O - | sudo apt-key add -\n")
- ascii.write("\n")
ascii.write("To install the update, run this command as root:\n")
ascii.write("\n")
Modified: data/DTSA/template
==================================================================---
data/DTSA/template 2006-05-28 09:52:47 UTC (rev 4086)
+++ data/DTSA/template 2006-05-28 16:22:16 UTC (rev 4087)
@@ -30,12 +30,9 @@
To use the Debian testing security archive, add the following lines to
your /etc/apt/sources.list:
- deb http://secure-testing.debian.net/debian-secure-testing
etch/security-updates main contrib non-free
- deb-src http://secure-testing.debian.net/debian-secure-testing
etch/security-updates main contrib non-free
+ deb http://security.debian.org/ testing/updates main contrib non-free
+ deb-src http://security.debian.org/ testing/updates main contrib non-free
-The archive signing key can be downloaded from
-http://secure-testing.debian.net/ziyi-2005-7.asc
-
To install the update, run this command as root:
apt-get update && apt-get install __PACKAGE__
Modified: website/index.html
==================================================================---
website/index.html 2006-05-28 09:52:47 UTC (rev 4086)
+++ website/index.html 2006-05-28 16:22:16 UTC (rev 4087)
@@ -98,23 +98,6 @@
<tt>svn://svn.debian.org/secure-testing/</tt>.
</p>
- <h2>secure-testing mirrors</h2>
-
- <p>The following mirrors are available:</p>
- <ul>
- <li>ftp.de.debian.org (located in Germany)
- <li>mirror.debianforum.de (located in Germany)
- <li>ftp.nl.debian.org (located in the Netherlands)
- <li>the.earth.li (located in UK)
- <li>ftp2.jp.debian.org (located in Japan)
- <li>farbror.acc.umu.se (located in Sweden)
- <li>secure-testing.debian.net (round-robin DNS)
- </ul>
-
- <p>If you want to mirror secure-testing.debian.net,
- please see <a href="mirroring.html">mirroring.html</a>
for detailed information.</p>
-
-
<h2>Uploads to the secure-testing repository</h2>
<p>
@@ -128,8 +111,8 @@
breaking secure-testing too badly with fixes that have not
been tested first in unstable.</li>
<li>Only make uploads for issues that the testing security
- team plans to issue a DTSA announcement for. It is best to
- contact the team first to avoid duplicate work.</li>
+ team plans to issue a DTSA announcement for.
+ Contact the team first to avoid duplicate work.</li>
<li>Use a version number that is less than the version
number of the fix in unstable, but greater than the version
number of the fix in testing. For example, if the fix is in
@@ -147,13 +130,13 @@
<li>Test the package.</li>
<li>Sign the package. Any Debian developer in the keyring
can do so.</li>
- <li>Upload to <tt>secure-testing-master.debian.net</tt>.
+ <li>Upload to <tt>security-master.debian.org</tt>.
Here is a dput.cf snippet for that upload queue:
<pre>
- [secure-testing]
- fqdn = secure-testing-master.debian.net
+ [secured-testing]
+ fqdn = security-master.debian.org
method = ftp
- incoming = /pub/UploadQueue/
+ incoming = /pub/OpenSecurityUploadQueue/
login = anonymous
</pre>
</li>
@@ -162,34 +145,25 @@
list and, it will become available in this apt repository,
including builds for all other architectures:
<pre>
- deb http://secure-testing.debian.net/debian-secure-testing
etch-proposed-updates/security-updates main contrib non-free
- deb-src http://secure-testing.debian.net/debian-secure-testing
etch-proposed-updates/security-updates main contrib non-free
+ deb http://security.debian.org/ testing/updates main contrib non-free
+ deb-src http://security.debian.org/ testing/updates main contrib non-free
</pre>
- Build logs can be found
- <a href="http://experimental.debian.net/">here</a> with
- distribution-name <i>etch-secure</i>.
- Once everything is ready, contact a team member to issue a
- DSTA.
+ Build logs are mailed to the team, and must be signed. Once everything is ok,
a team member will issue a DTSA.
</li>
</ol>
<p>
- To issue a DTSA, team members follow this checklist:
+ To issue a DTSA, team members follow this checklist (note: this may change
once newamber is fixed to use our templates):
<ol>
- <li>Commit an initial .adv template into SVN to prevent
duplicate work and claim an advisory number
- <li>Prepare the update and fill out the .adv template
- <li>Make sure everything is ready.
+ <li>Commit an initial .adv template into SVN to prevent duplicate
work and claim an advisory number
+ <li>Prepare the update and fill out the .adv template
+ <li>Make sure everything is ready.
<li>cd data/DTSA; ./dtsa -p ADVISORYNUMBER</li>
<li>check DTSA-n-1 and DTSA-n-1.html. Remove TODO line for
advisory from the list file</li>
<li>mv DTSA-n-1.html ../../website/DTSA/</li>
<li>cd ../../website; ../bin/updatehtmllist --output list.html
../data/DTSA/list</li>
<li>cd ../; svn add website/DTSA/DTSA-n-1.html; svn commit</li>
- <li>Edit data/DTSA/hints/yourname, and add a hint to make dtsasync
- propigate the update from etch-proposed-updates to etch.
- Commit the file and wait 15 minutes for the dtsasync run,
- then check the <a href="logs/dtsasync">log file</a>
and/or
- upgrade a test machine.</li>
<li>cd data/DTSA; ./sndadvisory DTSA-n-1</li>
<li>Edit CVE/list and DSA/list to list the version of the
package that is in the secure-testing archive as fixing the