Commit 5d665214 authored by Luciano Bello's avatar Luciano Bello

index aka todo list

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@25577 e39458fd-73e7-0310-bf30-c45bca0a0e42
parent e823a15c
MD=/usr/bin/markdown_py
SOURCES=security_tracker glossary
SOURCES=security_tracker glossary index contact
HTMLS=$(patsubst %,%.html,$(SOURCES))
EXTENSIONS=tables def_list
EXTENSIONS=tables def_list toc
all: $(HTMLS)
......
Mail
----
- Specify public/private
What each list is for:
---------------------
- debian-security@lists.debian.org
- debian-security@do seems to be redirected to debian-private@ldo
- debian-security-tracker@lists.debian.org
- team@security.d.o
- (and more)
- consolidate lists? (which are needed?; explicit names, e.g. -public/-private)
- RT? (incoming queue for non encrypted mails)
IRC Channel
-----------
We hang-out on #debian-security on OFTC, stop by the IRC channel if
you'd like, also we can add you to the alioth project so you have svn
write permission and you can test drive it on the testing issues for
however long you like to get an idea or feel comfortable (and hey it
helps!)
# Security team documentation
This is more a TODO list than an index. For now.
* Organization
- Contributors: Members of the security-testing alioth project, the "tracker"
- Assistants: Members of the private list, no access to private key
- Members: "core" members
- How to become a member.
- What kind of work you can do with each grant
* Workflow Overview
- some sort of introduction?
* [How to interact with the security team](contact.html)
- As a vulnerability reporter
- public issues
- private issues (embargo)
- As a package maintainer
- DSA vulnerability
- SPU vulnerability
- Just unstable
- As an upstream? (embargo issues? backporting patches?)
* How to contribute with the security team
* [How to interact with the Security Tracker](security_tracker.html)
- How to contribute to the security tracker code and install a test instance (Florian)
* Member's tasks
- DSA release: A more structured version of the current wiki pages
- embargo issues: Private queue in RT
- proposed-updates
- Take care of the "Special" packages (e.g. kernel iceweasel)
- Front desk
- Managing CVE ids pool: how to ask more ids
- Access to private key
- Access to upstream bug trackers
* Debugging situations:
- what happens after an upload of a package to chopin
- where to find logs
- reject uploads
* [Glossary](glossary.html)
- DSA, SPU, embargo, etc...
# A Narrative Introduction to the Debian Security Tracker #
[TOC]
# Debian Security Tracker
About
-----
......@@ -565,12 +567,3 @@ with the following content:
user debian-security@lists.debian.org
usertag $BUGNUM + tracked
IRC Channel
-----------
We hang-out on #debian-security on OFTC, stop by the IRC channel if
you'd like, also we can add you to the alioth project so you have svn
write permission and you can test drive it on the testing issues for
however long you like to get an idea or feel comfortable (and hey it
helps!)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment