author: Michael Gilbert <michael.s.gilbert@gmail.com> 2011-01-18 02:17:49 +0000
committer: Michael Gilbert <michael.s.gilbert@gmail.com> 2011-01-18 02:17:49 +0000
commit: 38f772f944cd74e3600ed4a6eb178feec8e87b3f
tree: 00cada108e0c7961b717b8f80f85f6dae1f1c7b8 /doc/historic/README
parent: 48ccbc6631eed19011cda1e4ec1ccdb215028481
create a historic document dir and move a bunch of outdated stuff there
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15917 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'doc/historic/README')
-rw-r--r-- doc/historic/README 55
1 files changed, 55 insertions, 0 deletions
diff --git a/doc/historic/README b/doc/historic/README
new file mode 100644
index 0000000000..fab6bc2d1d
--- /dev/null
+++ b/doc/historic/README
@@ -0,0 +1,55 @@
+The checklist program can be run on a system with madison available to
+check vulnerability info from the list files against what packages are in
+testing. Also the updatelist is used by the Makefile to update the lists
+with new info from Mitre. So the various list files need a common, machine
+parsable format. That format is:
+
+begin claimed by foo
+
+[date] id description
+ {id id id}
+ UPCASE: text
+ - package [version] (note; note; note)
+
+end claimed by foo
+
+
+Without writing a format grammar, because this is really rather ad-hoc and
+probably will be replaced with something better:
+
+[date]
+ The date of the advisory in the form dd Mmm YYYY (01 Nov 2004).
+ Optional, only given for DSAs at the moment.
+id
+ DSA-nnn-n, CVE-YYY-nnnn, etc
+description
+ Pretty much freeform description of the problem. Short and optional.
+ By convention, if it's taken from upstream data source
+ automatically, it will be in parens. If you want to use a different
+ description, put it in square brackets instead.
+{id id id}
+ This is used to link to other ids that describe the same hole.
+ Generally used to link DSAs to CVEs and back.
+UPCASE
+ Any word in upper case, typically NOTE, HELP, TODO, RESERVED,
+ REJECTED, NOT-FOR-US.
+ May be repeated for each entry.
+- package [version] (note; notes; note)
+ Indicates that the problem is fixed in the given version of the
+ package. May repeat for other packages. If the problem is unfixed,
+ use "<unfixed>" as the version. If the problem doesn't affect Debian,
+ use "<not-affected>" as the version. If the problem only affects
+ shipped releases, for which the stable security team provides
+ security support and the affected package has meanwhile been removed
+ from the archive use "<removed>" as the version. If the problem
+ affects a particular release, prepend "[release]" before the
+ "- package" to reflect as much.
+
+ The notes can be freeform, but some are understood by the tools,
+ including "bug #nnnnn", "bug filed", and "high",
+ "medium", "low", "unimportant" and "unknown" urgencies.
+
+begin claimed by foo
+end claimed by foo
+ Marks a set of items that are being checked by someone.
+ Used to avoid duplicate work.
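
Review bot: The id pattern in the "id" entry reads "CVE-YYY-nnnn" with a three-character year placeholder; it should be "CVE-YYYY-nnnn" so that it agrees with the "dd Mmm YYYY" date form given just above it. The package line is also specified inconsistently: the template at the top of the file gives "(note; note; note)" while the field heading further down gives "(note; notes; note)", and the "[release]" prefix described in the text never appears in the template. Because the file calls this a machine parsable format, it should say which square brackets are literal and which only mark an optional field, since "[date]", "[version]", "[release]" and the bracketed description all use the same notation. As the file is added under doc/historic, a first line stating that the text is outdated and kept for reference would stop readers from treating it as the current format.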
