CINXE.COM
Diff for "Teams/Security" - Debian Wiki
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="shortcut icon" href="/htdocs/favicon.ico"> <script type="text/javascript" src="/htdocs/bugstatus.js"></script> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"> <meta name="robots" content="noindex,nofollow"> <title>Diff for "Teams/Security" - Debian Wiki</title> <script type="text/javascript" src="/htdocs/common/js/common.js"></script> <script type="text/javascript"> <!-- var search_hint = "Search"; //--> </script> <link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="/htdocs/debwiki/css/common.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="screen" href="/htdocs/debwiki/css/screen.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="print" href="/htdocs/debwiki/css/print.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="projection" href="/htdocs/debwiki/css/projection.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="/htdocs/debian-wiki-1.0.css"> <!-- css only for MS IE6/IE7 browsers --> <!--[if lt IE 8]> <link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="/htdocs/debwiki/css/msie.css"> <![endif]--> <link rel="alternate" title="Debian Wiki: Teams/Security" href="/Teams/Security?diffs=1&show_att=1&action=rss_rc&unique=0&page=Teams%2FSecurity&ddiffs=1" type="application/rss+xml"> <link rel="Start" href="/FrontPage"> <link rel="Alternate" title="Wiki Markup" href="/Teams/Security?action=raw"> <link rel="Alternate" media="print" title="Print View" href="/Teams/Security?action=print"> <link rel="Up" href="/Teams"> <link rel="Search" href="/FindPage"> <link rel="Index" href="/TitleIndex"> <link rel="Glossary" href="/WordIndex"> <link rel="Help" href="/HelpOnFormatting"> </head> <body lang="en" dir="ltr"> <div id="logo"><a href="https://www.debian.org" title="Debian Homepage"><img src="https://www.debian.org/Pics/openlogo-50.png" alt="Debian" width="50" height="61"></a></div> <div id="header"> <div id="wikisection"> <p class="section"><a href="/FrontPage" title="Debian Wiki Homepage">Wiki</a></p> <div id="username"><a href="/Teams/Security?action=login" id="login" rel="nofollow">Login</a></div> </div> <div id="navbar"> <ul id="navibar"> <li class="wikilink"><a href="/FrontPage">FrontPage</a></li><li class="wikilink"><a href="/RecentChanges">RecentChanges</a></li><li class="wikilink"><a href="/FindPage">FindPage</a></li><li class="wikilink"><a href="/HelpContents">HelpContents</a></li><li class="current"><a href="/Teams/Security">Teams/Security</a></li> </ul> </div> <form id="searchform" method="get" action="/Teams/Security"> <div> <input type="hidden" name="action" value="fullsearch"> <input type="hidden" name="context" value="180"> <label for="searchinput">Search:</label> <input id="searchinput" type="text" name="value" value="" size="20" onfocus="searchFocus(this)" onblur="searchBlur(this)" onkeyup="searchChange(this)" onchange="searchChange(this)" alt="Search"> <input id="titlesearch" name="titlesearch" type="submit" value="Titles" alt="Search Titles"> <input id="fullsearch" name="fullsearch" type="submit" value="Text" alt="Search Full Text"> </div> </form> <script type="text/javascript"> <!--// Initialize search form var f = document.getElementById('searchform'); f.getElementsByTagName('label')[0].style.display = 'none'; var e = document.getElementById('searchinput'); searchChange(e); searchBlur(e); //--> </script> <div id="logo"><a href="https://www.debian.org" title="Debian Homepage"><img src="https://www.debian.org/Pics/openlogo-50.png" alt="Debian" width="50" height="61"></a></div> <div id="breadcrumbs"><a href="/FrontPage" title="Debian Wiki Homepage">Wiki</a><span class="sep">/</span> </div> <ul class="editbar"><li><a href="/Teams/Security?action=login" id="login-1" rel="nofollow">Login</a></li><li class="toggleCommentsButton" style="display:none;"><a href="#" class="nbcomment" onClick="toggleComments();return false;">Comments</a></li><li><a class="nbinfo" href="/Teams/Security?action=info" rel="nofollow">Info</a></li><li><a class="nbattachments" href="/Teams/Security?action=AttachFile" rel="nofollow">Attachments</a></li><li> <form class="actionsmenu" method="GET" action="/Teams/Security"> <div> <label>More Actions:</label> <select name="action" onchange="if ((this.selectedIndex != 0) && (this.options[this.selectedIndex].disabled == false)) { this.form.submit(); } this.selectedIndex = 0;"> <option value="raw">Raw Text</option> <option value="print">Print View</option> <option value="RenderAsDocbook">Render as Docbook</option> <option value="show" disabled class="disabled">Delete Cache</option> <option value="show" disabled class="disabled">------------------------</option> <option value="SpellCheck">Check Spelling</option> <option value="LikePages">Like Pages</option> <option value="LocalSiteMap">Local Site Map</option> <option value="show" disabled class="disabled">------------------------</option> <option value="RenamePage" disabled class="disabled">Rename Page</option> <option value="DeletePage" disabled class="disabled">Delete Page</option> <option value="show" disabled class="disabled">------------------------</option> <option value="show" disabled class="disabled">Subscribe User</option> <option value="show" disabled class="disabled">------------------------</option> <option value="show" disabled class="disabled">Remove Spam</option> <option value="show" disabled class="disabled">Revert to this revision</option> <option value="PackagePages">Package Pages</option> <option value="show" disabled class="disabled">------------------------</option> <option value="Load">Load</option> <option value="Save">Save</option> <option value="SlideShow">SlideShow</option> </select> <input type="submit" value="Do"> </div> <script type="text/javascript"> <!--// Init menu actionsMenuInit('More Actions:'); //--> </script> </form> </li></ul> <h1 id="locationline"> <ul id="pagelocation"> <li>Diff for "Teams/Security"</li> </ul> </h1> </div> <div id="page" lang="en" dir="ltr"> <div id="content"> <span class="diff-header">Differences between revisions 13 and 14</span> <table class="diff"> <tr> <td style="border:0;"> <form action="/Teams/Security" method="get"> <div style="text-align:left"> <input name="action" value="diff" type="hidden"> <input name="rev1" value="12" type="hidden"> <input name="rev2" value="13" type="hidden"> <input value="Previous change" type="submit"> </div> </form> </td> <td style="border:0"> </td> <td style="border:0;"> <form action="/Teams/Security" method="get"> <div style="text-align:right"> <input name="action" value="diff" type="hidden"> <input name="rev1" value="14" type="hidden"> <input name="rev2" value="15" type="hidden"> <input value="Next change" type="submit"> </div> </form> </td> </tr> </table> <table class="diff"> <tr><td class="diff-info"> <div class="diff-info diff-info-header"><a class="diff-nav-link diff-first-link diff-old-rev" href="/Teams/Security?action=diff&rev1=1&rev2=14" title="Diff with oldest revision in left pane">⇤</a> <a class="diff-nav-link diff-prev-link diff-old-rev" href="/Teams/Security?action=diff&rev1=12&rev2=14" title="Diff with older revision in left pane">←</a> Revision 13 as of 2014-03-06 09:45:16 <span class="diff-no-nav-link diff-next-link diff-old-rev" title="Can't change to revision newer than in right pane">→</span> </div> <div class="diff-info diff-info-rev-size"><span class="diff-info-caption">Size:</span> <span class="diff-info-value">2381</span></div> <div class="diff-info diff-info-rev-author"><span class="diff-info-caption">Editor:</span> <span class="diff-info-value"><span title="carnil"><a class="nonexistent" href="/SalvatoreBonaccorso" title="carnil">?</a>SalvatoreBonaccorso</span></span></div> <div class="diff-info diff-info-rev-comment"><span class="diff-info-caption">Comment:</span> <span class="diff-info-value"></span></div> </td><td class="diff-info"> <div class="diff-info diff-info-header"> <span class="diff-no-nav-link diff-prev-link diff-new-rev" title="Can't change to revision older than revision in left pane">←</span> Revision 14 as of 2014-03-06 09:46:06 <a class="diff-nav-link diff-next-link diff-new-rev" href="/Teams/Security?action=diff&rev1=13&rev2=15" title="Diff with newer revision in right pane">→</a> <a class="diff-nav-link diff-last-link diff-old-rev" href="/Teams/Security?action=diff&rev1=13&rev2=17" title="Diff with newest revision in right pane">⇥</a></div> <div class="diff-info diff-info-rev-size"><span class="diff-info-caption">Size:</span> <span class="diff-info-value">2382</span></div> <div class="diff-info diff-info-rev-author"><span class="diff-info-caption">Editor:</span> <span class="diff-info-value"><span title="carnil"><a class="nonexistent" href="/SalvatoreBonaccorso" title="carnil">?</a>SalvatoreBonaccorso</span></span></div> <div class="diff-info diff-info-rev-comment"><span class="diff-info-caption">Comment:</span> <span class="diff-info-value"></span></div> </td></tr> <tr> <td class="diff-removed"><span>Deletions are marked like this.</span></td> <td class="diff-added"><span>Additions are marked like this.</span></td> </tr> <tr class="diff-title"> <td><a href="#line-34">Line 34</a>:</td> <td><a href="#line-34">Line 34</a>:</td> </tr> <tr> <td class="diff-removed"> * http://anonscm.debian.org/viewvc/secure-testing/doc/<span>na</span>rra<span>tiv</span>e<span>_int</span>r<span>oduction</span>?view=co</td> <td class="diff-added"> * http://anonscm.debian.org/viewvc/secure-testing/doc/<span>public/secu</span>r<span>ity_t</span>ra<span>ck</span>er?view=co</td> </tr> </table> <div dir="ltr" id="content-below-diff" lang="en"><span class="anchor" id="top"></span> <span class="anchor" id="line-1"></span><p class="line867"> <h1 id="Debian_Security_Team">Debian Security Team</h1> <span class="anchor" id="line-2"></span><span class="anchor" id="line-3"></span><p class="line867"> <h2 id="Infrastructure">Infrastructure</h2> <span class="anchor" id="line-4"></span><ul><li><p class="line891"><strong>Website</strong>: <a class="http" href="http://www.debian.org/security/">http://www.debian.org/security/</a> <span class="anchor" id="line-5"></span></li><li><p class="line891"><strong>Documentation</strong>: <span class="anchor" id="line-6"></span><ul><li><p class="line891"><a href="/DebianSecurity">DebianSecurity</a> <span class="anchor" id="line-7"></span></li><li><p class="line891"><a href="/DebianSecurity/AdvisoryCreation">DebianSecurity/AdvisoryCreation</a> <span class="anchor" id="line-8"></span></li></ul></li><li><p class="line891"><strong>Unix groups</strong>: security, sec_public, sec_embargo, sectracker <span class="anchor" id="line-9"></span></li></ul><p class="line867"> <h2 id="Interacting_with_the_team">Interacting with the team</h2> <span class="anchor" id="line-10"></span><ul><li><p class="line891"><strong>Read the FAQ first</strong>: <a class="http" href="http://www.debian.org/security/faq">http://www.debian.org/security/faq</a> <span class="anchor" id="line-11"></span></li><li><p class="line891"><strong>Developer's reference</strong>: <a class="http" href="http://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security">Dealing with a security issue in your package</a>. <span class="anchor" id="line-12"></span></li><li><p class="line891"><strong>Email contact</strong>: <a class="mailto" href="mailto:team@security.debian.org">team@security.debian.org</a> (== <a class="mailto" href="mailto:security@debian.org">security@debian.org</a>) <span class="anchor" id="line-13"></span></li><li><p class="line891"><strong>Public IRC channel</strong>: <a class="irc" href="irc://irc.debian.org/debian-security">#debian-security</a> <span class="anchor" id="line-14"></span></li><li><p class="line891"><strong>Reporting a bug tagged "security"</strong> <span class="anchor" id="line-15"></span></li></ul><p class="line867"> <h2 id="Usual_roles">Usual roles</h2> <span class="anchor" id="line-16"></span><ul><li style="list-style-type:none"><p class="line862">See list of members here: <a class="http" href="http://www.debian.org/intro/organization">http://www.debian.org/intro/organization</a> <span class="anchor" id="line-17"></span><span class="anchor" id="line-18"></span></li></ul><p class="line874">The normal procedure is that some member of the team claims a reported issue and takes it from there until the advisory is fully released. <span class="anchor" id="line-19"></span><span class="anchor" id="line-20"></span><p class="line874">Next to the "full members" (part of the 'security' group), the team also has "assistants" (only in the sec_embargo group). This last role is usually for new members of the team. An assistant can read almost all data that the full members can, and construct a full advisory, but not actually install the updated packages into the archive. A full member will review the assistant's work and release it. <span class="anchor" id="line-21"></span><span class="anchor" id="line-22"></span><p class="line867"> <h2 id="Task_description">Task description</h2> <span class="anchor" id="line-23"></span><span class="anchor" id="line-24"></span><p class="line874">The security team evaluates security threats, and produces updated packages for our stable and old-stable releases, and release these packages through security.debian.org together with an advisory mail. <span class="anchor" id="line-25"></span><span class="anchor" id="line-26"></span><p class="line874">The preferred situation is that the regular maintainer of an affected package (who is most familiar with its ins and outs) prepares updated packages or a ready to use patch which, after approval, will be uploaded to security-master. If the regular maintainer can't or won't provide updates (in time), the security team will take the task of creating the updated packages. <span class="anchor" id="line-27"></span><span class="anchor" id="line-28"></span><p class="line874">Security for testing and unstable is not officially guaranteed, but the team tracks those distributions as well in the security tracker. A number of regular volunteers outside of the team help with triaging issues on the security tracker. <span class="anchor" id="line-29"></span><span class="anchor" id="line-30"></span><p class="line867"> <h2 id="More_stuff">More stuff</h2> <span class="anchor" id="line-31"></span><p class="line874">Some brief links: <span class="anchor" id="line-32"></span><span class="anchor" id="line-33"></span><ul><li><p class="line891"><a class="http" href="http://security-tracker.debian.org/tracker/">http://security-tracker.debian.org/tracker/</a> <span class="anchor" id="line-34"></span></li><li><p class="line891"><a class="http" href="http://anonscm.debian.org/viewvc/secure-testing/doc/public/security_tracker?view=co">http://anonscm.debian.org/viewvc/secure-testing/doc/public/security_tracker?view=co</a> <span class="anchor" id="line-35"></span></li></ul><span class="anchor" id="bottom"></span></div></div><div id="pagebottom"></div> </div> <div id="footer"> <p id="pageinfo" class="info" lang="en" dir="ltr">Teams/Security (<a class="nbinfo" href="/Teams/Security?action=info" rel="nofollow">last modified 2022-11-03 03:57:30</a>)</p> <ul id="credits"> <li>Debian <a href="https://www.debian.org/legal/privacy">privacy policy</a>, Wiki <a href="/Teams/DebianWiki">team</a>, <a href="https://bugs.debian.org/wiki.debian.org">bugs</a> and <a href="https://salsa.debian.org/debian/wiki.debian.org">config</a>.</li><li>Powered by <a href="https://moinmo.in/" title="This site uses the MoinMoin Wiki software.">MoinMoin</a> and <a href="https://moinmo.in/Python" title="MoinMoin is written in Python.">Python</a>, with hosting provided by <a href="https://www.man-da.de/">Metropolitan Area Network Darmstadt</a>.</li> </ul> </div> </body> </html>