to reiterate, why are there no security updates on the front page? (Or, 17 security holes the security team hasn't told you about)

Ok, since nobody from the security team replied to my earlier question, all I can do is ask it again: Why is the last security update listed on the www.debian.org web page, and the last security announcement posted to debian-security-announce, from way back in March? I know there have been more

Re: to reiterate, why are there no security updates on the front page? (Or, 17 security holes the security team hasn't told you about)

Joey Hess wrote: > Ok, since nobody from the security team replied to my earlier question, I've not spoken with Martin Schultze in private mail. He indicated he (and thus presumably, the rest of the security team) wasn't aware of these security fixes. That, of course, is a pretty good reason why t

Re: to reiterate, why are there no security updates on the front page? (Or, 17 security holes the security team hasn't told you about)

On Mon, May 29, 2000 at 12:31:01AM -0700, Joey Hess wrote: > What I'm wondering is if there is some prodedure we can put in place to > facilitate the security team in making announcements of security fixes. Isn't this essentially the point of setting urgency to "high" in debian/changelog? I realis

Re: to reiterate, why are there no security updates on the front page? (Or, 17 security holes the security team hasn't told you about)

On Mon, May 29, 2000 at 12:31:01AM -0700, Joey Hess wrote: [snip] > 3. To ensure that security fixes are available for all platforms, >including those the maintainer does not have easy access to. this is NOT occuring, examples: i386: diff updated to version 2.7-21 via security.debian.org pot

Re: to reiterate, why are there no security updates on the front page? (Or, 17 security holes the security team hasn't told you about)

Anthony Towns wrote: > > What I'm wondering is if there is some prodedure we can put in place to > > facilitate the security team in making announcements of security fixes. > > Isn't this essentially the point of setting urgency to "high" in > debian/changelog? Well, your idea of looking at, and

Re: to reiterate, why are there no security updates on the front page? (Or, 17 security holes the security team hasn't told you about)

On Mon, May 29, 2000 at 18:20:53 +1000 (+), Anthony Towns wrote: > On Mon, May 29, 2000 at 12:31:01AM -0700, Joey Hess wrote: > > What I'm wondering is if there is some prodedure we can put in place to > > facilitate the security team in making announcements of security fixes. > > Isn't this e

CVSWeb problem, please read

Hi, I'd like to know if the debian.org webmasters intend to resolve the CVSWeb problem. The #62362 was opened 45 days ago and Christophe Lebars posted a solution for this problem (see bug reports) I contacted the CVSWeb upstream authors but they did'nt reply to me. This is critical as translatio

Re: CVSWeb problem, please read

[EMAIL PROTECTED] (Jérôme Marant) writes: > resolve the CVSWeb problem. The #62362 was opened 45 days ago It is #62366. Sorry. Jérome.

Re: to reiterate, why are there no security updates on the front page? (Or, 17 security holes the security team hasn't told you about)

Previously Joey Hess wrote: > Why is the last security update listed on the www.debian.org web page, > and the last security announcement posted to debian-security-announce, > from way back in March? One reason: we probably need one or two extra people in the security team. We had someone join th

Bug#58524: libz1 -> zlib1g: version needed?

On Mon, May 29, 2000 at 08:25:43PM -0400, Scott Bigham wrote: > > > I respectfully submit, then, that this automatic libz1 -> zlib1g > > > translation, at whatever stage it occurs, should include a mention this > > > minimum version requirement. > > > But the actual dependency cannot have a versio