On 4/18/21 5:36 PM, Ken Moffat via blfs-dev wrote:
----- Forwarded message from Ken Moffat via blfs-book
<[email protected]> -----
Arghh - I sent this to -book.
Date: Sun, 18 Apr 2021 23:03:22 +0100
From: Ken Moffat via blfs-book <[email protected]>
To: [email protected]
Cc: Ken Moffat <[email protected]>
Subject: [blfs-book] RFC: Adding advisories chapter to the editor's guide.
Reply-To: BLFS Book Maintenance List <[email protected]>
My first public version of new chapter 7 on how to update security
advisories is now rendered at
https://rivendell.linuxfromscratch.org/~ken/lfs-editors-guide/
and the cleaned-up patches which created it are at
https://rivendell.linuxfromscratch.org/~ken/lfs-editors-guide-patches/
(I've also loaded everything I currently had at higgs).
I have included comments on making symlinks so that you can check
all the links locally before committing - in my own case, the
rendered books are in /sources/books/ (versioned as sysv and systemd)
but the advisories are in my lfswww repo at ~/ so I have symlinks
from /sources/books/:
blfs-advisories : to ~/.../lfswww/blfs/advisories
lfs-advisories : to ~/.../lfswww/lfs/advisories
lfs/view has links to current development and 10.1 LFS books, in my
case development now goes to lfs-book-git.
blfs to ../blfs-advisories (this fixes the link for
consolidated.html when approached from the lfs advisories).
view : links for the current and 10.1 BLFS books (in my case svn now
goes to blfs-book-sysv).
There are two items I regard as outstanding, apart from whatever
people pick up when reviewing this:
1. I'd still like some replies to my post about restarting things
which use OpenSSL after upgrading it, since I think that not all of
our users will appreciate this needs to be done.
2. For the moment, where a vulnerability is late in coming to light
and we have already both moved to a newer version, and then made a
release, we do not currently mention it (on the grounds that users
keeping up to date with addressing the vulnerabilities which concern
them will have already read the advisories for the past release).
I don't see any easy way of fixing this - if we spam the -dev and
-support lists to say 'BTW - new vulnerability in old flac-3.2 has
now come to light, see addition to the 10.0 advisories' that will be
messy and also we do not report current advisories like that.
(Yes, Doug, I thought omitting these was the way to go, but I now
think it opens a hole in the process.)
See the "In theory ..." paragraph of the Introduction (section
7.1).
As of this message, the changes are not on rivendell.
You need to
git clone [email protected]:lfs-editor-guide.git \
lfs-editor-guide.git
Be sure to update the date and changelog as usual. Make the changes
there and git push. The book should be automatically rebuilt and
available at
https://rivendell.linuxfromscratch.org/lfs/LFS-EDITORS-GUIDE.html
-- Bruce