On Tue, Dec 21, 2010 at 12:34 PM, Moritz Muehlenhoff wrote: > Upgrade instructions > - -------------------- > > If you are using the apt-get package manager, use the line for > sources.list as given below:
For future advisories, I wonder if this might be better said as "Make sure that a 'deb http://security.debian.org/ stable/updates main' line is included in your /etc/apt/sources.list and then run the following commands to perform the update' > apt-get update > will update the internal database > apt-get upgrade > will install corrected packages > > You may use an automated update by adding the resources from the > footer to the proper configuration. Isn't this a repeat of the first sentence in the upgrade instructions? > - > --------------------------------------------------------------------------------- > For apt-get: deb http://security.debian.org/ stable/updates main I think this would be better stated in plain English as suggested above. > For dpkg-ftp: ftp://security.debian.org/debian-security > dists/stable/updates/main Since dpkg-ftp is removed from sid/squeeze (and I don't know if it checks signatures), I think this line should be removed. > Mailing list: debian-security-annou...@lists.debian.org Is this statement useful? The user can look at the mail header to see where it came from. > Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> This may be better to state in plain English. For example, "For more info on this package, type 'apt-cache show' or visit http://packages.debian.org/<pkg>. For information on the changes involved type 'cat /usr/share/doc/<pkg>/changelog.Debian.gz' or install the apt-listchanges package." I wonder if there should be a warning somewhere in this footer about using tools (such as dpkg) that don't check signatures? Or maybe explicitly state that apt, aptitude, synaptic, software center, update manager, etc are the only recommended tools. Anyway, just some thoughts on new changes. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktimscmql9ztzrffans_5yjob4o4kxpvhz2w_l...@mail.gmail.com