Hi LTS team,
If I do not miss something, there were updates for src:xen,
src:libidn, and src:librsvg via security.d.o but without DLA. The last
two with entries in the DLA/list file already. Could you please send
those? It might confuse people seeing the update but no advisory.
Thanks in advance,
On 2016-05-17 13:42:47, Salvatore Bonaccorso wrote:
> Hi LTS team,
>
> If I do not miss something, there were updates for src:xen,
> src:libidn, and src:librsvg via security.d.o but without DLA. The last
> two with entries in the DLA/list file already. Could you please send
> those? It might confus
Antoine Beaupré writes:
> I do believe you are correct: some DLAs are definitely missing. I wrote
> about libidn in <871t50elvf@angela.anarcat.ath.cx>, the uploader was
> Brian May (in CC).
I sent DLAs for both libidn and librsvg:
libidn: 20160516070110.ga26...@prune.linuxpenguins.xyz
librs
Brian May writes:
> However I don't see them in the archives. I can try resending...
I resent the DLAs. I suspect I might have used the wrong GPG key for
signing.
Apologies.
--
Brian May
Hi Brian, hi Antoine,
On Wed, May 18, 2016 at 11:36:21AM +1000, Brian May wrote:
> Brian May writes:
>
> > However I don't see them in the archives. I can try resending...
>
> I resent the DLAs. I suspect I might have used the wrong GPG key for
> signing.
Thanks a lot to both for the follow-up
On Tue, 17 May 2016, Antoine Beaupré wrote:
> It would be great to have better consistency here.
Yes, just like we ensure that we get an Accepted mail before sending the
DLA, we must make sure that the DLA has gone through. We are all (supposed
to be) subscribed to debian-lts-announce and it shoul
On 2016-05-18 03:45:57, Raphael Hertzog wrote:
> On Tue, 17 May 2016, Antoine Beaupré wrote:
>> It would be great to have better consistency here.
>
> Yes, just like we ensure that we get an Accepted mail before sending the
> DLA, we must make sure that the DLA has gone through. We are all (suppose
On 2016-05-18 00:12:41, Salvatore Bonaccorso wrote:
> Hi Brian, hi Antoine,
>
> On Wed, May 18, 2016 at 11:36:21AM +1000, Brian May wrote:
>> Brian May writes:
>>
>> > However I don't see them in the archives. I can try resending...
>>
>> I resent the DLAs. I suspect I might have used the wrong
On Wed, 18 May 2016, Antoine Beaupré wrote:
> Thanks for the followup Brian! I'm personally a little unclear on what
> exactly happened here: there were problems with PGP signatures? I didn't
Yes, looks like Brian used a key not in the Debian keyring.
> know those were checked by the listserv...
On Wed, 18 May 2016, Antoine Beaupré wrote:
> On 2016-05-18 03:45:57, Raphael Hertzog wrote:
> > On Tue, 17 May 2016, Antoine Beaupré wrote:
> >> It would be great to have better consistency here.
> >
> > Yes, just like we ensure that we get an Accepted mail before sending the
> > DLA, we must make
> Inline signing is not mandatory (I use MIME-signing with mutt) but
> there are enough cases where MIME-signing does not work properly
I've also found MIME-signing to be unreliable so I now use inline-signing by
default when posting to debian-lts-announce.
(My tip is to BCC your personal email
Antoine Beaupré writes:
> I wonder if some of that stuff should be automated. I am fairly new with
> the security process, how often do mistakes like this happen anyways?
>
> And how hard would it be to automate this?
I would suggest a move useful thing to automate would be filling in more
detail
On 2016-05-19 19:22:18, Brian May wrote:
> Antoine Beaupré writes:
>> I wonder if some of that stuff should be automated. I am fairly new with
>> the security process, how often do mistakes like this happen anyways?
>>
>> And how hard would it be to automate this?
>
> I would suggest a move useful
13 matches
Mail list logo
