From 42c7bfb90aa67e3330758331997c6cad18cf8e3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Hertzog?= <hertzog@debian.org>
Date: Wed, 18 Feb 2015 17:04:21 +0000
Subject: Add a new helper script to contact package maintainers

For now I have only provided sample templates for the LTS team, but
everything is ready if the security team wants to use it too.

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@32318 e39458fd-73e7-0310-bf30-c45bca0a0e42
---
 templates/lts-no-dsa.txt | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 templates/lts-no-dsa.txt

(limited to 'templates/lts-no-dsa.txt')

diff --git a/templates/lts-no-dsa.txt b/templates/lts-no-dsa.txt
new file mode 100644
index 0000000000..4ca8ebfd9e
--- /dev/null
+++ b/templates/lts-no-dsa.txt
@@ -0,0 +1,41 @@
+To: {{ to }}
+Cc: {{ cc }}
+Subject: About the security issues affecting {{ package }} in Squeeze
+
+# XXX: Decide whether you want to put some of those persons in copy and
+# then drop this comment
+# Uploaders: {{ uploaders}}
+
+Hello dear maintainer(s),
+
+the Debian LTS team recently reviewed the security issue(s) affecting your
+package in Squeeze:
+{%- if cve -%}
+{% for entry in cve %}
+https://security-tracker.debian.org/tracker/{{ entry }}
+{%- endfor -%}
+{%- else %}
+https://security-tracker.debian.org/tracker/source-package/{{ package }}
+{%- endif %}
+
+We decided that we would not prepare a squeeze security update (usually
+because the security impact is low and that we concentrate our limited
+resources on higher severity issues and on the most widely used packages).
+That said the squeeze users would most certainly benefit from a fixed
+package.
+
+If you want to work on such an update, you're welcome to do so. Please
+try to follow the workflow we have defined here:
+http://wiki.debian.org/LTS/Development
+
+If that workflow is a burden to you, feel free to just prepare an
+updated source package and send it to debian-lts@lists.debian.org
+(via a debdiff, or with an URL pointing to the the source package,
+or even with a pointer to your packaging repository), and the members
+of the LTS team will take care of the rest. However please make sure to
+submit a tested package.
+
+Thank you very much.
+
+{{ sender }},
+  on behalf of the Debian LTS team.
-- 
cgit v1.2.3