| 1 |
Ühel kenal päeval, R, 16.12.2016 kell 13:30, kirjutas Thomas |
| 2 |
Deutschmann: |
| 3 |
> Hi, |
| 4 |
> |
| 5 |
> Mart, how would your proposal affect human readable GLSAs at |
| 6 |
> https://security.gentoo.org/glsa/ ? |
| 7 |
> |
| 8 |
> Would you only publish machine readable information for the glsa- |
| 9 |
> check |
| 10 |
> tool and still hold back human readable information or would you |
| 11 |
> publish |
| 12 |
> both? |
| 13 |
|
| 14 |
I'm not sure, I don't have knowledge of how this information is |
| 15 |
consumed. I want to make sure that our actual users and sysadmins get |
| 16 |
the information as fast as possible for their architecture via glsa- |
| 17 |
check and such. |
| 18 |
|
| 19 |
How the publishing on the website and other places should be done is up |
| 20 |
for the security team to discuss and decide, just like the glsa-check |
| 21 |
use case. |
| 22 |
|
| 23 |
I would imagine we could add some blurbs about what architectures the |
| 24 |
fix is available for, and some standard text for those that don't have |
| 25 |
it marked yet. |
| 26 |
As a random note, delaying the release will mess around with the GLSA |
| 27 |
number ordering compared to them appearing there. |
| 28 |
|
| 29 |
|
| 30 |
Mart |
Archives