blob: 41cf30495521aa1e105ea62a0cccb3f48619f43f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=iso8859-1">
<title>Uploading to testing-security</title>
<link type="text/css" rel="stylesheet" href="style.css">
<link rel="shortcut icon" href="http://www.debian.org/favicon.ico">
</head>
<body>
<div align="center">
<a href="http://www.debian.org/">
<img src="http://www.debian.org/logos/openlogo-nd-50.png" border="0" hspace="0" vspace="0" alt=""></a>
<a href="http://www.debian.org/">
<img src="http://www.debian.org/Pics/debian.png" border="0" hspace="0" vspace="0" alt="Debian Project"></a>
</div>
<br />
<table class="reddy" width="100%">
<tr>
<td class="reddy">
<img src="http://www.debian.org/Pics/red-upperleft.png" align="left" border="0" hspace="0" vspace="0"
alt="" width="15" height="16"></td>
<td rowspan="2" class="reddy">Debian testing security team</td>
<td class="reddy">
<img src="http://www.debian.org/Pics/red-upperright.png" align="right" border="0" hspace="0" vspace="0"
alt="" width="16" height="16"></td>
</tr>
<tr>
<td class="reddy">
<img src="http://www.debian.org/Pics/red-lowerleft.png" align="left" border="0" hspace="0" vspace="0"
alt="" width="16" height="16"></td>
<td class="reddy">
<img src="http://www.debian.org/Pics/red-lowerright.png" align="right" border="0" hspace="0" vspace="0"
alt="" width="15" height="16"></td>
</tr>
</table>
<p>
To upload a package to the secure-testing repository, any Debian
developer may follow this checklist:
<ol>
<li>Only upload changes that have already been made in
unstable and are blocked by reaching testing by some other
issues. This is both to keep things in sync once the
new version from unstable reaches testing, and to avoid
breaking secure-testing too badly with fixes that have not
been tested first in unstable.</li>
<li>If the orig.tar.gz is already on security.debian.org
(either in stable-security or in testing-security)
don't include it in the upload. If in doubt, ask the team.</li>
<li>Contact the team first to avoid duplicate work.</li>
<li>Use a version number that is less than the version
number of the fix in unstable, but greater than the version
number of the fix in testing (including a possible +b1 for binNMUs).
For example, if the fix is in a new upstream version 1.0-1 in unstable,
upload version 1.0-1~lenny1 to testing-security. If the current version
in testing is 1.2-3 and the fix is backported to this version, upload
version 1.2-3+lenny1 to testing-security.</li>
<li>Use "testing-security" as the distribution in the
changelog.</li>
<li>Build the package in a testing chroot using pbuilder
so that all the dependencies are ok. Be sure to build with
the -sa switch to include source, unless the source is
already in the testing-security archive.
</li>
<li>Test the package. Diff the package against the version
in testing (if backporting fixes). Use debdiff on both
source and binary packages.</li>
<li>Sign the package. Any Debian developer in the keyring
can do so.</li>
<li>Upload to <tt>security-master.debian.org</tt>.
Here is a dput.cf snippet for that upload queue:
<pre>
[testing-security]
fqdn = security-master.debian.org
method = ftp
incoming = /pub/OpenSecurityUploadQueue/
login = anonymous
</pre>
Note that this is <em>not</em> the same queue as usually used for stable security.
</li>
</ol>
<hr><p>$Id: index.html 6493 2007-09-04 11:06:04Z nion $</p>
<a href="http://validator.w3.org/check?uri=referer">
<img border="0" src="http://www.w3.org/Icons/valid-html401" alt="Valid HTML 4.01!" height="31" width="88"></a>
<a href="http://jigsaw.w3.org/css-validator/check/referer">
<img border="0" src="http://jigsaw.w3.org/css-validator/images/vcss" alt="Valid CSS!"
height="31" width="88"></a>
</body></html>
|