Re: Webservice for security patches and notes ?

2008-06-03 Thread Steve Kemp
On Tue Jun 03, 2008 at 14:09:59 +0200, Dominique Muhlke wrote: > I want to know if there is any possibility to get security-notifications > via webservice or something like that ? You might enjoy the RSS feed: http://www.debian.org/security/dsa.en.rdf Otherwise your best bet is to sub

Bug#468765: Should the Debian project state it is proud of oldstable security support?

2008-03-02 Thread Steve Kemp
On Sun Mar 02, 2008 at 20:31:16 -0500, Filipus Klutiero wrote: > Before I do that, if you are the author of the sentence, do you agree that > the > announcement shouldn't claim that Debian is proud of that or not? As has already been stated you say: "IMO, more than 4 years is too much. But

Re: New security/audit pages not translatable

2007-12-02 Thread Steve Kemp
On Thu Nov 29, 2007 at 14:46:12 +0100, Frans Pop wrote: > On Thursday 29 November 2007, Steve Kemp wrote: > > They shouldn't have anything to be translated in them (though right now > > there are about three small strings that are there). > > Are you perhaps

Re: New security/audit pages not translatable

2007-12-02 Thread Steve Kemp
On Thu Nov 29, 2007 at 14:12:36 +0100, Frans Pop wrote: > Ah, 'cvs up -d' fixes that. /me blames cvs for being incomprehensible. I know that feeling :) > Yes, with a completely different starting position that is fully > understandable :-) Sorry for the confusion due to my broken checkout and

Re: New security/audit pages not translatable

2007-12-02 Thread Steve Kemp
On Thu Nov 29, 2007 at 14:36:12 +0100, Frans Pop wrote: > Looking at the Makefile in the english directory, the problem is probably > that it refers to the data dir in the current directory. But of course the > translations do not have a data dir in _their_ current directory. Perhaps we could

Re: New security/audit pages not translatable

2007-11-29 Thread Steve Kemp
On Thu Nov 29, 2007 at 13:09:34 +0100, Frans Pop wrote: > (Keeping you CC'ed as I'm not sure if you're subscribed...) I am. > > You don't seem to be replying to the translation issue for the main audit > advisories page. I thought I was, or at least my failure to answer wasn't deliberate

Re: New security/audit pages not translatable

2007-11-29 Thread Steve Kemp
On Thu Nov 29, 2007 at 05:16:27 +0100, Frans Pop wrote: > It also does not seem possible to create translations for the yearly > index pages such as http://www.debian.org/security/audit/2006/ because > here is no "English source" file for them. > If they are to be generated automatically, they sh

Re: Help & advise on using WML constructs to create pages.

2007-11-02 Thread Steve Kemp
On Fri Nov 02, 2007 at 12:46:39 +0100, Frank Lichtenheld wrote: > Turns out this doesn't work so well atm. :( > I see two possibilities to solve this properly: > 1) Just dump the .inc files and change the format of the .data files to > something directly usable. You could e.g. directly use WML

Re: Help & advise on using WML constructs to create pages.

2007-10-29 Thread Steve Kemp
I've created a rough stab at a dynamic system, but before I commit it I thought I'd ask for comments first. The current code is here: http://www.steve.org.uk/Software/tmp/audit.tar.gz Unpack that into /english/security. The way it works is to have a script 'make-advisories' which r

Re: Help & advise on using WML constructs to create pages.

2007-10-29 Thread Steve Kemp
On Mon Oct 29, 2007 at 10:37:56 +0100, Gerfried Fuchs wrote: > Am Sonntag, den 28.10.2007, 21:08 + schrieb Steve Kemp: > > Right section of the website beneath [english]/security/audit is a little > > out of date. It is primarily out of date because the information containe

Help & advise on using WML constructs to create pages.

2007-10-28 Thread Steve Kemp
Right section of the website beneath [english]/security/audit is a little out of date. It is primarily out of date because the information contained there is contained in the HTML, and that makes keeping it current harder than it should be. As I see it there are two things to do: 1. U

Re: modify audit group member jaguar

2007-10-27 Thread Steve Kemp
On Sat Oct 27, 2007 at 19:45:04 -0200, Felipe Augusto van de Wiel (faw) wrote: > > i used to go by the alias jaguar whihc i dont uset it anymore > > , could you please change it in the Security Audit Project section to > > "swaraj bontula" > > I think you are speaking about this page: > >

Re: What's the proper comma usage in DSAs?

2007-10-25 Thread Steve Kemp
On Thu Oct 25, 2007 at 08:30:12 +0200, Jens Seidel wrote: > For the stable distribution (etch), this problem has been fixed > For the stable distribution (etch) this problem has been fixed > I prefer the latter, but I might have been guilty of using both. > PS: Should I CC: the security team

Re: Please check DSA 1381 and 1370

2007-10-16 Thread Steve Kemp
On Tue Oct 16, 2007 at 10:33:13 +0200, Gerfried Fuchs wrote: > ... and if there are more general problems with the generated > advisories that would need tweaking with every single of them I *highly* > encourage to fix these issues in the parse-advisory.pl script in > english/security instead of

Re: [PATCH] NULL pointer de*re*ference?

2007-09-17 Thread Steve Kemp
On Mon Sep 17, 2007 at 23:01:37 +0900, Kobayashi Noritada wrote: > In reviewing and committing the Japanese translation, I found "NULL > pointer deference" in the English text of DSA 1358, which I think > should be "NULL pointer de*re*ference". You are correct. > I provide a patch here. > Cou

Re: http://www.debian.org/security/2006/dsa-978 Dead links

2006-11-17 Thread Steve Kemp
On Fri, Nov 17, 2006 at 09:06:02AM -0500, [EMAIL PROTECTED] wrote: >Every link on this page is dead. >http://www.debian.org/security/2006/dsa-978 This is expected behaviour, since the package in question received a subsequent security update. We only keep the most recent version upon

Re: New Debian Site

2006-10-16 Thread Steve Kemp
The big problem is that many people offer to help without fully understanding the size and scope of the problem. Right now we have a system which allows us to publish pages in multiple languages and store those pages under revision control. The pages are static, do not require the instal

Re: Change of dealer info

2006-08-19 Thread Steve Kemp
On Sat, Aug 19, 2006 at 06:03:26PM +0200, [EMAIL PROTECTED] wrote: > The practical upshot of this is that the URL to my company's Debian page > has changed yet again. Would you be so kind? > Vendor: Amont Informatique > URL: http://www.amont-info.com/ > URL for Debian Page: http://www.amont-info

Re: typo in english/security/2006/dsa-1142.wml

2006-08-04 Thread Steve Kemp
On Fri, Aug 04, 2006 at 11:43:52PM +0900, SUGIYAMA Tomoaki wrote: > Please fix the following typo on 1st line in dsa-1142.wml file. > bouncary -> boundary Fixed now, thanks for another great report. Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Tr

Re: typo in english/security/2006/dsa-1131.wml and dsa-1132.wml

2006-08-01 Thread Steve Kemp
On Wed, Aug 02, 2006 at 02:35:30AM +0900, SUGIYAMA Tomoaki wrote: > Please fix the following typo on line 5 in dsa-1131.wml > and dsa-1132.wml files. > arbitary -> arbitrary Fixed now, thanks for reporting it. Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsub

Re: Layout for DebianTimes

2006-07-26 Thread Steve Kemp
On Wed, Jul 26, 2006 at 10:51:12PM +0200, Andreas Barth wrote: > we are currently about to set up a new service, DebianTimes. Please see > debian-publicity for some of the discussions, and > http://wiki.debian.org/DebianTimes for the specification. > > DebianTimes is related to something like dot

Re: New Debianhelp website

2006-07-05 Thread Steve Kemp
On Wed, Jul 05, 2006 at 01:00:17PM +0100, gg gg234 wrote: >Hi Guys, > >I am checking the websites section in http://www.debian.org and i want to >give one more really nice website for debian users and admins If some >could place this website under this section it would help man

Anchors in the Debian Organizational Page?

2006-04-13 Thread Steve Kemp
There are times when I'd like to point people to the members of a particular Debian team. Right now I have to just give the generic organization page: http://www.us.debian.org/intro/organization It would be nice if the elements of that page had id attributes, or anchor tags, such t

Re: faq , Re: announcing the beginning of security support for testing

2005-09-14 Thread Steve Kemp
On Wed, Sep 14, 2005 at 10:11:43AM +0200, Javier Fern?ndez-Sanguino Pe?a wrote: > I know how the item reads but, as I've said, that's the position (and the > FAQ) of the Debian Security Team that handles _stable_. They probably want to > rephrase that item as: > "The Debian Security Team does not

Bug#322152: Please mention forums.debian.net

2005-08-09 Thread Steve Kemp
On Tue, Aug 09, 2005 at 01:19:07PM +0200, Jeroen van Wolffelaar wrote: > forums.debian.net, which for full disclosure, I started and host, has > been steadily gaining popularity in the past year, and consequently it > has become a resource for new Debian users with actually quite a good > chance o

Re: Firestarter for Debian

2005-07-14 Thread Steve Kemp
On Thu, Jul 14, 2005 at 05:35:37PM -0500, Juan Palacios wrote: > my question is if i put this file on cd and install on XANDROS which > according to someone is DEBIAN BASED...would it install fast? Two points: 1. This mailing list (debian-www) is for discussing issues related to th

Re: problem with security page

2005-07-11 Thread Steve Kemp
On Mon, Jul 11, 2005 at 10:56:23AM -0700, Andrew T. Young wrote: > You can use apt to easily get the latest security updates. This requires a > line such as > > deb http://security.debian.org/ sarge/updates main contrib non-free > > in your /etc/apt/sources.list file. This is correct. >

Re: words

2005-02-23 Thread Steve Kemp
On Wed, Feb 23, 2005 at 08:18:56AM -0600, Michael McGuire wrote: > What does "sanisiting" mean? > >From your Security Advisory - DSA-689-1 > "libapache-mod-python -- missing input sanisiting" Typo for sanitizing. Also typo'd is DSA-682-1. Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTEC

Re: Debian packages page

2005-01-31 Thread Steve Kemp
On Mon, Jan 31, 2005 at 05:59:12PM +0100, Carlos Mamber wrote: > I tried to search for some packages at debian.packages.org but I were > unable to do it. It seems that the page is broken because I get the > following message in Mozilla: "The operation timed out when attempting > to contact package

Re: typo (?) on webwml/english/security/2005/dsa-636.wml

2005-01-12 Thread Steve Kemp
On Thu, Jan 13, 2005 at 01:04:31AM +0900, SUGIYAMA Tomoaki wrote: > I think "provices" should be "provides" on > webwml/english/security/2005/dsa-636.wml. > If so, please fix it. Thanks, I believe you are correct, so I've fixed it now. Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED]

Re: Please respect line length limitation in www.debian.org source

2004-12-12 Thread Steve Kemp
On Sun, Dec 12, 2004 at 08:00:13PM +0100, Jens Seidel wrote: > I recently added Michael Ablassmeier's German translation of > www.debian.org/security/audit/faq > and noticed that files related to the Security Audit Project consist > of one long line of text ... That seems suprising. > ... n

Re: small patche for italian/releases/slink/running-kernel-2.2.wml

2004-11-01 Thread Steve Kemp
On Tue, Nov 02, 2004 at 02:49:27AM +0900, SUGIYAMA Tomoaki wrote: > Please apply the patches to > italian/releases/slink/running-kernel-2.2.wml for fixing a typo. Applied, many thanks for your contribution. Steve --

Re: typo (?) on webwml/english/security/2004/dsa-579.wml

2004-11-01 Thread Steve Kemp
On Tue, Nov 02, 2004 at 01:52:23AM +0900, SUGIYAMA Tomoaki wrote: > I think "disovered" should be "discovered" on > webwml/english/security/2004/dsa-579.wml. > If so, please fix it. I agree, and I've committed a fix for this now. Thanks for the report. Steve --

Bug#278664: Link on amd64-Package broken

2004-10-28 Thread Steve Kemp
On Thu, Oct 28, 2004 at 04:30:13PM +0200, Andreas Barth wrote: > the link on http://www.debian.org/ports/amd64/ to > http://www.buildd.net/buildd/Installed_stats.png is broken; it should be > http://unstable.buildd.net/buildd/Installed_stats.png Thanks for the report, I've committed a fix to th

Re: Broken link: libpng3

2004-10-12 Thread Steve Kemp
On Tue, Oct 12, 2004 at 01:57:14AM -0700, itworks wrote: > I'm trying to download the libpng3 package but the link (/debian-security) > reports: "The requested URL /debian-security/pool/updates/main/libp/libpng3/ > libpng3_1.2.1-1.1.woody.3_i386.deb was not found on this server. " > > Would you p

Bug#268658: Might be crowded ...

2004-09-10 Thread Steve Kemp
On Fri, Sep 10, 2004 at 05:35:57PM -0400, Simon Law wrote: > Why don't you drop MD5 hashing? It's become cryptographically possible > to generate a collision [1] on a known MD5 hash, so one can assume that > a determined attacker will try very hard to find one, if someone relies > on it. My un

Bug#268658: Might be crowded ...

2004-09-08 Thread Steve Kemp
I would also like to see something like this, full ownership, size, and hashes of all the files. My only concern is that the display might well be crowded. Consider the following example: [EMAIL PROTECTED]:~$ echo `ls -l /bin/ls ` `md5sum /bin/ls` `openssl sha1 /bin/ls` -rwxr-xr-x 1 ro

Re: Changes to packages.debian.org

2004-09-08 Thread Steve Kemp
On Wed, Sep 08, 2004 at 12:23:19AM +0200, Frank Lichtenheld wrote: > > I'd be interested in including ownership / size / permissions as > > well. > > In #268658 is already something from Javier about that. I will > reassign this bug and other like it to ftp.debian.org however > as they generate

Re: Changes to packages.debian.org

2004-09-07 Thread Steve Kemp
On Sun, Sep 05, 2004 at 07:36:29PM +0200, Frank Lichtenheld wrote: > I've committed some changes to the packages.debian.org code: > It all looks good, and reminds me of a thought I had a few days ago. What woul be involved in seeing more information in the package contents lists? I see

Re: typo on webwml/english/security/2004/dsa-543.wml

2004-09-01 Thread Steve Kemp
On Thu, Sep 02, 2004 at 02:14:31AM +0900, SUGIYAMA Tomoaki wrote: > I think "eploitable" should be "exploitable" in the vulnerabilities > list (CAN-2004-0644) on webwml/english/security/2004/dsa-543.wml. You are correct, thank you for the report. I've committed a fix for this now, and it wil

Re: ADV: Typo on your page

2004-08-31 Thread Steve Kemp
On Mon, Aug 30, 2004 at 02:12:40PM -0400, poo wrote: >Heh, well it's not a real big issue but on the page: >http://www.debian.org/devel/debian-installer/ > >you spelled "relese" your sentence " If you just need an installation that >works, we recommend you use relese candidate

Re: wrong file name 'security/audit/advisorises'

2004-05-26 Thread Steve Kemp
On Wed, May 26, 2004 at 09:47:12PM +0900, Kobayashi Noritada wrote: > I also found dysfunctional links in translating 'security/audit/tools'. > URLs for two tools are written in the form of > 'http://packages.debian.org//', > but this is wrong. > 'http://packages.debian.org/' may be correct and f

Re: wrong file name 'security/audit/advisorises'

2004-05-26 Thread Steve Kemp
On Wed, May 26, 2004 at 03:23:19PM +0900, Kobayashi Noritada wrote: > I think file name 'security/audit/advisorises' have a spelling mistake. > It should be 'security/audit/advisories', as is linked from > other files (security/audit/{index,faq}). You are correct, thank you. I've fixed this

Re: Debian WWW CVS commit by skx: webwml/english/security/audit Makefile

2004-05-25 Thread Steve Kemp
On Wed, May 26, 2004 at 12:54:58AM +0200, Frank Lichtenheld wrote: > On Tue, May 25, 2004 at 04:30:40PM -0600, Debian WWW CVS wrote: > I don't know why you commit this ignoring my changes, > however, please respect them. They make the full list of > files in the Makefile obsolete (aside from the b

Error in package search CGI scripts.

2001-11-15 Thread Steve Kemp
Hi, Just a quick mail to report an error in the package search script. [Some of these URL's may have wrapped badly, I apologise in advance if this is the case]. I started at: http://www.debian.org/distrib/packages Filled in the form for "Search Package Directories", by typing