Re: SSL for debian.org/security?

[Luca Filipozzi]

On Wed, Oct 30, 2013 at 11:12:57AM -0400, Mark Haase wrote:
 On Mon, Oct 28, 2013 at 10:01 PM, Luca Filipozzi lfili...@debian.orgwrote:
  On Mon, Oct 28, 2013 at 09:31:35PM -0400, Mark Haase wrote:
   I'd like to suggest that Debian should at least use SSL on their security
   site, even if nowhere else.
 
  We are in the process of purchasing SSL certificates for a number of our
  'web properties' including www.debian.org.  I hope to have some of them
  deployed in the next couple of weeks.

 Thanks, Luca.  Will you notify this mailing list when the SSL certs have been
 installed?

We have partnered with gandi.net for SSL certificates.  They have been quietly
and consistently generous to the open source community.  Debian has been
designated a supported project and we are happily generating certificates, now.

I or a DSA colleague of mine will inform this list when we've deployed certs to
www.debian.org and security.debian.org: won't be long now.

-- 
Luca Filipozzi
http://www.crowdrise.com/SupportDebian


signature.asc
Description: Digital signature

Enhancements/enabled hardening flags in Wheezy pkgs/release.

[Daniel Curtis]

Hello everyone,

Before Wheezy release we could find a web site, which
contained notices about update as many packages as
possible to use security hardening build flags via
'dpkg-buildflags'. Also, there could be found a note about
packages that should have build flags enabled before
the Wheezy release. It was called 'ReleaseGoals' [1].

I would like to ask how many of mentioned security
features are available in Wheezy or where can I found
some informations about this? I hope, that Developers
managed to use hardening flags for many packages etc.

The reason why I'm asking is pretty simple - I think about
upgrade Squeeze to Wheezy but simultaneously I would like
to know something more about security features in a new
release.

Best regards and all the best in 2014 year!

[1] https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags