On Tue Jun 03, 2008 at 14:09:59 +0200, Dominique Muhlke wrote:
> I want to know if there is any possibility to get security-notifications
> via webservice or something like that ?
You might enjoy the RSS feed:
http://www.debian.org/security/dsa.en.rdf
Otherwise your best bet is to sub
On Sun Mar 02, 2008 at 20:31:16 -0500, Filipus Klutiero wrote:
> Before I do that, if you are the author of the sentence, do you agree that
> the
> announcement shouldn't claim that Debian is proud of that or not?
As has already been stated you say:
"IMO, more than 4 years is too much. But
On Thu Nov 29, 2007 at 14:46:12 +0100, Frans Pop wrote:
> On Thursday 29 November 2007, Steve Kemp wrote:
> > They shouldn't have anything to be translated in them (though right now
> > there are about three small strings that are there).
>
> Are you perhaps
On Thu Nov 29, 2007 at 14:12:36 +0100, Frans Pop wrote:
> Ah, 'cvs up -d' fixes that. /me blames cvs for being incomprehensible.
I know that feeling :)
> Yes, with a completely different starting position that is fully
> understandable :-) Sorry for the confusion due to my broken checkout and
On Thu Nov 29, 2007 at 14:36:12 +0100, Frans Pop wrote:
> Looking at the Makefile in the english directory, the problem is probably
> that it refers to the data dir in the current directory. But of course the
> translations do not have a data dir in _their_ current directory.
Perhaps we could
On Thu Nov 29, 2007 at 13:09:34 +0100, Frans Pop wrote:
> (Keeping you CC'ed as I'm not sure if you're subscribed...)
I am.
>
> You don't seem to be replying to the translation issue for the main audit
> advisories page.
I thought I was, or at least my failure to answer wasn't deliberate
On Thu Nov 29, 2007 at 05:16:27 +0100, Frans Pop wrote:
> It also does not seem possible to create translations for the yearly
> index pages such as http://www.debian.org/security/audit/2006/ because
> here is no "English source" file for them.
> If they are to be generated automatically, they sh
On Fri Nov 02, 2007 at 12:46:39 +0100, Frank Lichtenheld wrote:
> Turns out this doesn't work so well atm.
:(
> I see two possibilities to solve this properly:
> 1) Just dump the .inc files and change the format of the .data files to
> something directly usable. You could e.g. directly use WML
I've created a rough stab at a dynamic system, but before I commit
it I thought I'd ask for comments first.
The current code is here:
http://www.steve.org.uk/Software/tmp/audit.tar.gz
Unpack that into /english/security.
The way it works is to have a script 'make-advisories' which r
On Mon Oct 29, 2007 at 10:37:56 +0100, Gerfried Fuchs wrote:
> Am Sonntag, den 28.10.2007, 21:08 + schrieb Steve Kemp:
> > Right section of the website beneath [english]/security/audit is a little
> > out of date. It is primarily out of date because the information containe
Right section of the website beneath [english]/security/audit is a little
out of date. It is primarily out of date because the information contained
there is contained in the HTML, and that makes keeping it current harder
than it should be.
As I see it there are two things to do:
1. U
On Sat Oct 27, 2007 at 19:45:04 -0200, Felipe Augusto van de Wiel (faw) wrote:
> > i used to go by the alias jaguar whihc i dont uset it anymore
> > , could you please change it in the Security Audit Project section to
> > "swaraj bontula"
>
> I think you are speaking about this page:
>
>
On Thu Oct 25, 2007 at 08:30:12 +0200, Jens Seidel wrote:
> For the stable distribution (etch), this problem has been fixed
> For the stable distribution (etch) this problem has been fixed
>
I prefer the latter, but I might have been guilty of using both.
> PS: Should I CC: the security team
On Tue Oct 16, 2007 at 10:33:13 +0200, Gerfried Fuchs wrote:
> ... and if there are more general problems with the generated
> advisories that would need tweaking with every single of them I *highly*
> encourage to fix these issues in the parse-advisory.pl script in
> english/security instead of
On Mon Sep 17, 2007 at 23:01:37 +0900, Kobayashi Noritada wrote:
> In reviewing and committing the Japanese translation, I found "NULL
> pointer deference" in the English text of DSA 1358, which I think
> should be "NULL pointer de*re*ference".
You are correct.
> I provide a patch here.
> Cou
On Fri, Nov 17, 2006 at 09:06:02AM -0500, [EMAIL PROTECTED] wrote:
>Every link on this page is dead.
>http://www.debian.org/security/2006/dsa-978
This is expected behaviour, since the package in question received
a subsequent security update.
We only keep the most recent version upon
The big problem is that many people offer to help without fully
understanding the size and scope of the problem.
Right now we have a system which allows us to publish pages in
multiple languages and store those pages under revision control.
The pages are static, do not require the instal
On Sat, Aug 19, 2006 at 06:03:26PM +0200, [EMAIL PROTECTED] wrote:
> The practical upshot of this is that the URL to my company's Debian page
> has changed yet again. Would you be so kind?
> Vendor: Amont Informatique
> URL: http://www.amont-info.com/
> URL for Debian Page: http://www.amont-info
On Fri, Aug 04, 2006 at 11:43:52PM +0900, SUGIYAMA Tomoaki wrote:
> Please fix the following typo on 1st line in dsa-1142.wml file.
> bouncary -> boundary
Fixed now, thanks for another great report.
Steve
--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Tr
On Wed, Aug 02, 2006 at 02:35:30AM +0900, SUGIYAMA Tomoaki wrote:
> Please fix the following typo on line 5 in dsa-1131.wml
> and dsa-1132.wml files.
> arbitary -> arbitrary
Fixed now, thanks for reporting it.
Steve
--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsub
On Wed, Jul 26, 2006 at 10:51:12PM +0200, Andreas Barth wrote:
> we are currently about to set up a new service, DebianTimes. Please see
> debian-publicity for some of the discussions, and
> http://wiki.debian.org/DebianTimes for the specification.
>
> DebianTimes is related to something like dot
On Wed, Jul 05, 2006 at 01:00:17PM +0100, gg gg234 wrote:
>Hi Guys,
>
>I am checking the websites section in http://www.debian.org and i want to
>give one more really nice website for debian users and admins If some
>could place this website under this section it would help man
There are times when I'd like to point people to the
members of a particular Debian team.
Right now I have to just give the generic organization
page:
http://www.us.debian.org/intro/organization
It would be nice if the elements of that page had
id attributes, or anchor tags, such t
On Wed, Sep 14, 2005 at 10:11:43AM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
> I know how the item reads but, as I've said, that's the position (and the
> FAQ) of the Debian Security Team that handles _stable_. They probably want to
> rephrase that item as:
> "The Debian Security Team does not
On Tue, Aug 09, 2005 at 01:19:07PM +0200, Jeroen van Wolffelaar wrote:
> forums.debian.net, which for full disclosure, I started and host, has
> been steadily gaining popularity in the past year, and consequently it
> has become a resource for new Debian users with actually quite a good
> chance o
On Thu, Jul 14, 2005 at 05:35:37PM -0500, Juan Palacios wrote:
> my question is if i put this file on cd and install on XANDROS which
> according to someone is DEBIAN BASED...would it install fast?
Two points:
1. This mailing list (debian-www) is for discussing issues
related to th
On Mon, Jul 11, 2005 at 10:56:23AM -0700, Andrew T. Young wrote:
> You can use apt to easily get the latest security updates. This requires a
> line such as
>
> deb http://security.debian.org/ sarge/updates main contrib non-free
>
> in your /etc/apt/sources.list file.
This is correct.
>
On Wed, Feb 23, 2005 at 08:18:56AM -0600, Michael McGuire wrote:
> What does "sanisiting" mean?
> >From your Security Advisory - DSA-689-1
> "libapache-mod-python -- missing input sanisiting"
Typo for sanitizing.
Also typo'd is DSA-682-1.
Steve
--
--
To UNSUBSCRIBE, email to [EMAIL PROTEC
On Mon, Jan 31, 2005 at 05:59:12PM +0100, Carlos Mamber wrote:
> I tried to search for some packages at debian.packages.org but I were
> unable to do it. It seems that the page is broken because I get the
> following message in Mozilla: "The operation timed out when attempting
> to contact package
On Thu, Jan 13, 2005 at 01:04:31AM +0900, SUGIYAMA Tomoaki wrote:
> I think "provices" should be "provides" on
> webwml/english/security/2005/dsa-636.wml.
> If so, please fix it.
Thanks, I believe you are correct, so I've fixed it now.
Steve
--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
On Sun, Dec 12, 2004 at 08:00:13PM +0100, Jens Seidel wrote:
> I recently added Michael Ablassmeier's German translation of
> www.debian.org/security/audit/faq
> and noticed that files related to the Security Audit Project consist
> of one long line of text ...
That seems suprising.
> ... n
On Tue, Nov 02, 2004 at 02:49:27AM +0900, SUGIYAMA Tomoaki wrote:
> Please apply the patches to
> italian/releases/slink/running-kernel-2.2.wml for fixing a typo.
Applied, many thanks for your contribution.
Steve
--
On Tue, Nov 02, 2004 at 01:52:23AM +0900, SUGIYAMA Tomoaki wrote:
> I think "disovered" should be "discovered" on
> webwml/english/security/2004/dsa-579.wml.
> If so, please fix it.
I agree, and I've committed a fix for this now. Thanks for the
report.
Steve
--
On Thu, Oct 28, 2004 at 04:30:13PM +0200, Andreas Barth wrote:
> the link on http://www.debian.org/ports/amd64/ to
> http://www.buildd.net/buildd/Installed_stats.png is broken; it should be
> http://unstable.buildd.net/buildd/Installed_stats.png
Thanks for the report, I've committed a fix to th
On Tue, Oct 12, 2004 at 01:57:14AM -0700, itworks wrote:
> I'm trying to download the libpng3 package but the link (/debian-security)
> reports: "The requested URL /debian-security/pool/updates/main/libp/libpng3/
> libpng3_1.2.1-1.1.woody.3_i386.deb was not found on this server. "
>
> Would you p
On Fri, Sep 10, 2004 at 05:35:57PM -0400, Simon Law wrote:
> Why don't you drop MD5 hashing? It's become cryptographically possible
> to generate a collision [1] on a known MD5 hash, so one can assume that
> a determined attacker will try very hard to find one, if someone relies
> on it.
My un
I would also like to see something like this,
full ownership, size, and hashes of all the files.
My only concern is that the display might well
be crowded.
Consider the following example:
[EMAIL PROTECTED]:~$ echo `ls -l /bin/ls ` `md5sum /bin/ls` `openssl sha1
/bin/ls`
-rwxr-xr-x 1 ro
On Wed, Sep 08, 2004 at 12:23:19AM +0200, Frank Lichtenheld wrote:
> > I'd be interested in including ownership / size / permissions as
> > well.
>
> In #268658 is already something from Javier about that. I will
> reassign this bug and other like it to ftp.debian.org however
> as they generate
On Sun, Sep 05, 2004 at 07:36:29PM +0200, Frank Lichtenheld wrote:
> I've committed some changes to the packages.debian.org code:
>
It all looks good, and reminds me of a thought I had a few days
ago.
What woul be involved in seeing more information in the package
contents lists?
I see
On Thu, Sep 02, 2004 at 02:14:31AM +0900, SUGIYAMA Tomoaki wrote:
> I think "eploitable" should be "exploitable" in the vulnerabilities
> list (CAN-2004-0644) on webwml/english/security/2004/dsa-543.wml.
You are correct, thank you for the report.
I've committed a fix for this now, and it wil
On Mon, Aug 30, 2004 at 02:12:40PM -0400, poo wrote:
>Heh, well it's not a real big issue but on the page:
>http://www.debian.org/devel/debian-installer/
>
>you spelled "relese" your sentence " If you just need an installation that
>works, we recommend you use relese candidate
On Wed, May 26, 2004 at 09:47:12PM +0900, Kobayashi Noritada wrote:
> I also found dysfunctional links in translating 'security/audit/tools'.
> URLs for two tools are written in the form of
> 'http://packages.debian.org//',
> but this is wrong.
> 'http://packages.debian.org/' may be correct and f
On Wed, May 26, 2004 at 03:23:19PM +0900, Kobayashi Noritada wrote:
> I think file name 'security/audit/advisorises' have a spelling mistake.
> It should be 'security/audit/advisories', as is linked from
> other files (security/audit/{index,faq}).
You are correct, thank you.
I've fixed this
On Wed, May 26, 2004 at 12:54:58AM +0200, Frank Lichtenheld wrote:
> On Tue, May 25, 2004 at 04:30:40PM -0600, Debian WWW CVS wrote:
> I don't know why you commit this ignoring my changes,
> however, please respect them. They make the full list of
> files in the Makefile obsolete (aside from the b
Hi,
Just a quick mail to report an error in the package search script.
[Some of these URL's may have wrapped badly, I apologise in advance
if this is the case].
I started at:
http://www.debian.org/distrib/packages
Filled in the form for "Search Package Directories", by typing
45 matches
Mail list logo
