Hi,
As mentioned in earlier mails and also noted in the manual itself, the
devref is the place where instructions for DD's on providing updates for a
DSA are located. The current instructions in the securing-howto are
outdated and even wrong and continue to confuse people. Please remove it
and ref
Package: release-notes
Severity: normal
Tags: patch
Hi,
The release notes list that the default python is now 2.5, whole it is
actually 2.6 (as per apt-cache show python).
Attached patch updates the notes for that.
Thanks for maintaining the release notes.
Cheers,
Thijs
-- System Information:
On Sunday 23 January 2011 12:07:05 Julien Cristau wrote:
> > > The release notes list that the default python is now 2.5, whole it is
> > > actually 2.6 (as per apt-cache show python).
> >
> >
> >
> > I fixed this in SVN, thanks for pointing it out.
> >
> >
>
> Your fix is wrong, python2.5 is st
tag 683424 patch
thanks
Hi,
> We need some introduction to multi-arch.
Attached patch adds a basic introduction to Multiarch in the What's new
section, referring to the HOWTO for extended information for those who
want it. Besides it points users of ia32-libs, probably one of the most
significan
Package: release-notes
Tags: patch
Hi,
Attached patch adds a "what's new" item on the security hardening build
flags release goal. Please consider to apply. I'm not currently aware of
other hardening improvements except the flags, but if there are, they can
of course be included in this section.
Package: release-notes
Severity: normal
Tags: wheezy
Hi Joost,
Filing a bug as discussed.
When I upgraded a desktop system from Squeeze to Wheezy, it failed to install
grub in my MBR. The reason given was probably along the lines of this:
warning: your core.img is unusually large. It won't f
On Sun, March 31, 2013 11:46, Jonathan Nieder wrote:
> Presumably this note is only relevant on amd64, so this is a good
> opportunity to make the release notes shorter on other arches. How
> about this patch?
Looks good, I recommend applying it.
Thijs
--
To UNSUBSCRIBE, email to debian-doc-
Package: release-notes
Severity: wishlist
Tags: patch
Hi,
Attached patch renames the "Hardening" section to "Security", adds mention
of the removed SSLv3 protocol and progress on hardened build flags.
Cheers,
Thijs
Index: en/whats-new.dbk
On Thu, December 11, 2014 19:38, Niels Thykier wrote:
> I have applied and committed your patch with 3 changes. These changes
> are:
>
> * In the first paragraph, avoid implying that all packages have been
>compiled without SSLv3 support (as I recall, at least openssl still
>have it, and
Package: release-notes
Severity: wishlist
Tags: patch
Hi,
Please see attached patch to mention the needrestart package in the Security
section.
Cheers,
Thijs
needrestart.patch
Description: inode/empty
Index: en/whats-new.dbk
===
--- en/whats-new.dbk (revision 10679)
+++ en/whats-new.dbk (working copy)
@@ -480,6 +480,15 @@
hardening-wrapper can
provide a gcc with these flags enabled.
+
+ New in this release is the
+ need
Package: release-notes
Severity: normal
Tags: patch buster
Hi,
I'd like to add the following to the "package-specific-issues" section
in issues.dbk of the Buster release notes. It describes the new mailman3
package since buster and the expectations for the mailman 2.x release.
Mailman ver
> The link to packages-arch-specific is broken.
The correct link is:
http://cvs.debian.org/srcdep/Packages-arch-specific?rev=HEAD&cvsroot=dak&content-type=text/vnd.viewcvs-markup
It's appearently mangled by something when generating the document.
Thijs
--
To UNSUBSCRIBE, email to [EMAIL PROT
Package: developers-reference
Version: 3.3.7
Severity: minor
Tags: patch
Hello,
The developers reference uses capitalisation at some points to EMPHASIZE
things. It's better to use the SGML tags and for that.
The attached patch fixes that.
I've also attached a patch to remove two stray '+' char
Package: developers-reference
Version: 3.3.7
Severity: minor
Hi,
The developer's reference mentions the following in 6.5.2.6 Be gender
neutral:
> The world is made of men and women. Please use gender-neutral
> constructions in your writing. This is not Political Correctness, this
> is showing re
On Sat, 2006-11-11 at 23:19 +0100, Thijs Kinkhorst wrote:
> As I said I agree that there's a good point in saying people should keep
> descriptions to a minimum. In this specific case I inherited a debconf
> template from the previous maintainer, and it listed a step-by-step plan
reopen 382477
thanks
On Sat, 2006-11-11 at 22:27 +0100, Christian Perrier wrote:
> This is why the DevRef recommends not exceeding 20 lines. So, the
> DevRef is right telling so and lintian is right warning maintainers
> about this.
> If you really think that you have too much information that yo
On Sun, 2006-11-12 at 14:02 -0600, Manoj Srivastava wrote:
> I suggest that we specify tow headers: and SCM specific
> header, XS-Vcs- where name is one keyword from a specified list
> (bzr, cvs, svn, darcs, git, hf, or arch), and XS-VCS-Browse, which is
> a plain old HTTP URL.
Yes, thi
Package: release-notes
Hi,
I propose to add this text:
Starting with this release, the Debian security team does not provide
security support for a number of PHP configurations which are known to
be insecure. Most importantly, issues that make use of the
register_globals setting being
On Sun, 2007-02-25 at 15:46 +0100, Lionel Elie Mamane wrote:
> Package: release-notes
>
> A mailman issue has come up for the sarge -> etch upgrade which we may
> not be able to fix in time for etch (as upstream has been aware of the
> issue for more than a year but still hasn't fixed it; we have
Dear debian-doc,
The current "Security Infrastructure" section of the Securing Debian Manual is
quite out of date. I have attached a patch that makes a number of changes to
better reflect the current situation. I don't think the section is perfect
yet, so feel free to improve more, but I do bel
Package: developers-reference
Tags: patch
Hi,
The section on the delayed queue still mentions the legacy ~tfheen queue on
gluck, while there's now an 'official' one on ftp-master:
http://lists.debian.org/debian-devel-announce/2008/09/msg6.html
Attached patch updates the reference to reflect
Package: developers-reference
Severity: wishlist
Tags: patch
Hi,
Please find attached a patch to update the section on handling security
issues. I tried to bring some things more up to date, added a section on
the tracker, and added emphasis on the checks needed before you upload a
package.
I'm
On Fri, January 23, 2009 00:47, Lucas Nussbaum wrote:
> tags 512620 + pending thanks
>
> Hi,
>
>
> Thanks for the patch. I applied it to SVN.
Thanks!
Thijs
--
To UNSUBSCRIBE, email to debian-doc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debia
Package: release-notes
Tags: patch
Hi,
The kernel now doesn't contain a number of firmware pieces anymore which may
be essential to get the system in a workable state after reboot.
Unfortunately this was missed in the release notes. The following patch adds
a note which refers people to the re
Hey all,
On woansdei 21 Jannewaris 2009, Thijs Kinkhorst wrote:
> The current "Security Infrastructure" section of the Securing Debian Manual
> is quite out of date. I have attached a patch that makes a number of
> changes to better reflect the current situation. I don'
Hi,
Attached patch updates the section of the securing-howto about how to apply
security updates. Specifically, it updates it to how d-i treats security
updates currently, advises to use the release codename instead of 'stable',
and remove references to non-US which is long gone. Please conside
27 matches
Mail list logo
