[Secure-testing-team] New members, how to help

Karol M. Langner karol.langner at gmail.com
Sat Mar 15 21:18:34 UTC 2008 

On Thursday 13 March 2008 22:34, Stefan Fritsch wrote:
> Hi,
>
> sorry this mail took so long. So far Nate Campi, Karol Langner, and
> Chris Lamb have been added to the Alioth project. You should now be
> able to check out and commit to the svn repository.
>
> The thing with which to start is checking new issues. These are added
> by a cron job (about two times per week) to data/CVE/list and just
> have a "TODO: check". There are a few open issues in there now. If
> someone wants to start, please coordinate on #debian-security to
> avoid duplicate work.
>
> There is a syntax check in the post-commit hook, so you will not be
> able to commit if you break the syntax. The error message can by
> cryptic, ask if you have problems. Sometimes, the tracker will detect
> errors only after they have been commited. It then sends error
> messages to the secure-testing-commits mailing list. Therefore, you
> should all subscribe to that list. This list is also where you see
> that new open issues have been added to the list.
>
> There is a tool that helps with sorting out all the NOT-FOR-US issues:
> See "bin/check-new-issues -h". For the search functions in
> check-new-issues to work, you need to have unstable in your
> sources.list and have done "apt-get update" and "apt-file update".
> Having libterm-readline-gnu-perl installed helps, too.
>
> When you find an issue affecting Debian, find out whether it is
> already fixed in Debian and edit the entry accordingly. Look for
> corresponding bug reports. File a bug if the issue is not yet fixed
> in unstable. Choose the severity of the bug report depending on the
> issue. Not all security issues are "grave", many are
> only "important", some are only "normal" or "minor". Always mention
> the CVE id in the bug report.
>
> I hope this was not too confusing. If you have questions, ask. BTW,
> feel free to improve or extend doc/narrative_introduction if
> something is missing.
>
>
>
> Cheers,
> Stefan

Hi Stefan,

 Unfortunately I have to back down from helping due to new obligations. So 
feel free to remove me from the alioth project, since I won't be 
contributing.

Sorry for the noise I made,
Karol

-- 
written by Karol Langner
Sat Mar 15 22:18:16 CET 2008

More information about the Secure-testing-team mailing list