Hello Samuel,
On 27/08/2024 23:17, Samuel Henrique wrote:
As I've mentioned before, here's the recording of the CVE talk from this year's
DebConf, the talk is titled: "Fixing CVEs on Debian: Everything you probably know already"
I've provided subtitles (en, pt-br) and chapter markers for the video
on YouTube:
https://youtu.be/XzNVVILVyUM
Thanks for the talk :)
Nice beginner's overview of CVE processes.
On a note, maybe I'd emphasizing testing more: there's much screen time
about a git-based review workflow and only one slide on testing. In
practice I find the opposite: I often spend little DLA time backporting (especially if the change was already identified, backports are most
often trivial), and the vast majority of my time actually testing the
changes, including manual tests targeting each CVE-impacted area :)
Cheers!
Sylvain Beucler
Debian LTS Team
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)