[Frugalware-git] frugalware-current: docs/security
Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=80148288c43197df1b4c43d12b2e3294d5bd30b2 commit 80148288c43197df1b4c43d12b2e3294d5bd30b2 Author: Miklos Vajna [EMAIL PROTECTED] Date: Tue Aug 26 16:24:48 2008 +0200 docs/security fix the order of the steps in the 'How to release an FSA' section diff --git a/docs/security.txt b/docs/security.txt index 448b53b..f2a8968 100644 --- a/docs/security.txt +++ b/docs/security.txt @@ -23,12 +23,12 @@ issue in -stable and releases a new FSA. == How to release an FSA? -. Open the -stable Changelog file of the package. There you can see the - vulnerable and unaffected versions of the package. - . Check if the backport built by syncpkgd is ready (the binary packages should be uploaded for each arch). +. Open the -stable Changelog file of the package. There you can see the + vulnerable and unaffected versions of the package. + . Add a new entry to the frugalware/xml/security.xml file in the homepage-ng repo. ___ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git
[Frugalware-git] frugalware-current: docs/security: improve the 'How to release an FSA' section
Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=268acce02aecd1eff7269f56a1f2829f0b810d4f commit 268acce02aecd1eff7269f56a1f2829f0b810d4f Author: Miklos Vajna [EMAIL PROTECTED] Date: Sun Jul 27 20:16:12 2008 +0200 docs/security: improve the 'How to release an FSA' section diff --git a/docs/security.txt b/docs/security.txt index 08a7fe8..448b53b 100644 --- a/docs/security.txt +++ b/docs/security.txt @@ -23,12 +23,21 @@ issue in -stable and releases a new FSA. == How to release an FSA? -. Check if the backport is ready (the binary packages should be uploaded for -each arch). +. Open the -stable Changelog file of the package. There you can see the + vulnerable and unaffected versions of the package. -. Update the frugalware/xml/security.xml file in the homepage-ng repo and check -if the mail is sent to the frugalware-security list. If not, then ask on -devel -what can be the problem. +. Check if the backport built by syncpkgd is ready (the binary packages + should be uploaded for each arch). + +. Add a new entry to the frugalware/xml/security.xml file in the + homepage-ng repo. + +. Commit, push. The commit hook will check if the xml is valid, so most + common errors can be avoided. In rare cases, the announcement may not + appear on the frugalware-security list. If this is the case, then ask + on -devel about what the problem can be. + +. Close the task in the BTS, filing in FSAxxx in the closure message. == How to notice security issues ___ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git
[Frugalware-git] frugalware-current: docs/security: add versioning rules
Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=35f6c143679435e102f8d97a8e735656cf68a6da commit 35f6c143679435e102f8d97a8e735656cf68a6da Author: Miklos Vajna [EMAIL PROTECTED] Date: Tue Apr 29 11:03:54 2008 +0200 docs/security: add versioning rules diff --git a/docs/security.txt b/docs/security.txt index 9da08c5..08a7fe8 100644 --- a/docs/security.txt +++ b/docs/security.txt @@ -57,3 +57,29 @@ can find the filename of the fix. . It's also a good idea to take a look on redhat/gentoo bugzilla. They attach fixes most the time. So it's good to read the secunia mails carefully as you'll always know when the patch is available. + +== Versioning + +We use integers in pkgrels for normal packages, but -stable updates are +different. Here are the cases: + +* If you do a version bump (we refer to them as 'secfix bump' usually in + -stable commit messages), then you need to set pkgrel to 1kalgan1. + +* If you add a security patch, and pkgrel was an integer (let's say '1'), then + you should increment pkgrel to 2kalgan1. + +* If you add a security patch when the pkgrel was already in an XkalganY form, + increment it to XkalganY+1. (Alternatively, you can use X+1kalganY if there + is already a newer version in -current.) + +(Replace kalgan with the current release name, later.) + +This ensures the followings: + +* The version of the security update will be larger than the one in -stable, so + that the package will be upgraded when the user does a pacman-g2 -Syu on + -stable. +* The version of the security update will be smaller than the one in -current, + so that the package will be upgraded when the user upgrades to a new version + (current or new stable). ___ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git