Hi,
Holger Wansing <hwans...@mailbox.org> wrote (Thu, 8 Feb 2024 10:47:21 +0100):
> Hi,
>
> Jean-Pierre Giraud <jean-pierregir...@neuf.fr> wrote (Thu, 08 Feb 2024
> 09:49:00 +0100):
> > Le jeudi 08 février 2024 à 08:28 +0100, Thomas Lange a écrit :
> > > It's now easier than before. You don't need the year in the URL any more.
> > > This should be used instead:
> > > https://www.debian.org/security/dsa-5551
>
> @Jean-Pierre:
> Good catch noticing this. Thanks for the heads-up!
>
>
> Changings like in attached patch should do it.
On the other hand, I wonder if the above ("You don't need the year in the URL
any more") is strictly correct:
Looking at the security tracker for instance at
https://security-tracker.debian.org/tracker/source-package/chromium
then choosing a CVE like
https://security-tracker.debian.org/tracker/CVE-2024-1077
and then at the referenced DSA at
https://security-tracker.debian.org/tracker/DSA-5612-1
there is a link to the DSA at debian.org (the link is just named "Debian")
that points to
https://www.debian.org/security/2024/dsa-5612
and that works: it gets redirected to the correct DSA announcement at
https://lists.debian.org/debian-security-announce/2024/msg00019.html
Now leaving out the year from above link like
https://www.debian.org/security/dsa-5612
also redirects to the same announcement.
@Thomas: is this the intended behaviour (both variants are supported
and it stays this way) ?
In that case nothing needs to be done in the point release announcements...
Holger
--
Holger Wansing <hwans...@mailbox.org>
PGP-Fingerprint: 496A C6E8 1442 4B34 8508 3529 59F1 87CA 156E B076
