11/7/2023 0 Comments Debian ltsIts documentation on the Debian Security Team website. Any information that could be useful for the security team as well as the LTS team.ĭata/dla-needed.txt: Should be updated to reflect LTS specific information, such as who is working on a package, possible issues that are specific to LTS, test packages available, requests for help, problems encountered, etc.ĭata/DLA/list: In most cases there is no need to manually change this file, as it is maintained automatically by bin/gen-DLA which is described in following sections. For example, consider adding to this file links to bug reports related to the security issue, links to upstream commits or new releases which address the vulnerability, links to public mailing list posts, upstream reports, upstream exploits, information regarding if the exploits do or do not work, etc. This includes updating the following files:ĭata/CVE/list: Should be updated with broader information that affects more than just LTS (i.e., stable, testing). LTS Developers are strongly encouraged to keep the data in the security tracker up-to-date. This is a database of all known security issues in Debian.ĭevelopers check out the Git source, commit changes, and the website automatically updates to reflect the changes. The Debian LTS team makes extensive use of the Debian Security Tracker. They send call for tests on the mailing list, so please subscribe to it and test the packages they provide when you can, and report back whether they work for you. Many LTS contributors are looking for testers for their updated packages. org and put the person who prepared the update in copy (in case they are not subscribed to the list). something that used to work and that no longer works), then please report it to debian-lts. Test updated packages and report regressions ¶Īs a simple user, you can test packages that have been updated (or that are in the process of being updated). Prepare other (non-security-related) updates for LTS Test updated packages and report regressions We assume that you are already familiar with the repository layout described in LTS/Using and that you are subscribed to the LTS mailing list: If you want to get involved in the LTS team and help keep Debian packages secure for 5 years, have a look at this page. Take care of all Debian packages and not only the most popular ones Support packages that are currently unsupported With more resources, we could for example: Debian Long Term Support Security Advisory (DLA) How-to prepare security updates for LTSĬlaim the issue in the security tracker (in dla-needed.txt)Ĭontributing to Debian Long Term Support ¶ The Debian LTS team is always looking for more volunteers to do a better job.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |