Contents of /TODO

* Set up for DTSAs

  - Auto moderation of developer signed mails to -announce.

  - sndadvisory should remove TODO lines from the list file since the
    advisory is complete

  - merge sndadvisory into dtsa script?

  - web DTSA pages should be built on the fly using the metadata in DTSA/
    so we don't have to update things in two places when making a change,
    and so releasing a DTSA does not involve copying html files around

  - The dtsa script should have support for updating the list file
    when running it on an advisory that it's already been run on before.
    This would facilitate issuing asvisories, which often takes a few runs
    before the final one is sent. Alternatively, get rid of the DTSA/list
    file (do we need it for anything really?)

* Merge stuff into security.debian.org. Long term, but we need to keep in
  mind that the current archive setup is just to get bootstrapped.

* Web overview
  - checklist setup for unstable needs to be fixed to ignore Hurd

* Florian's overview should be moved to secure-testing.debian.net, but
  Florian wants to resolve some issues before.

* Write the script that digs through the security bugs

* Write the script that handles the transfer between secure-testing and testing
  wrt incomplete archs (aba)

* Improve the developer's reference wrt security bugs (micah)

* Document that finalized syntax

* Review open security bugs and tag the wrt versioned bug tracking

* Create a repo of security patches

* Add user tags to security bugs to add a CVE number and a "tracked" for each analyzed
  security bug. 

* Retroactive updating of the list for not-affected and others

* Document all our stuff and work

* Implement the HELP tag and add it to some outstanding issues

* Link source package specific overview into the PTS


1	joeyh	1657	* Set up for DTSAs
2
3	joeyh	1660	- Auto moderation of developer signed mails to -announce.
4	joeyh	1657
5	joeyh	1748	- sndadvisory should remove TODO lines from the list file since the
6			advisory is complete
7
8			- merge sndadvisory into dtsa script?
9
10	joeyh	1855	- web DTSA pages should be built on the fly using the metadata in DTSA/
11			so we don't have to update things in two places when making a change,
12			and so releasing a DTSA does not involve copying html files around
13	joeyh	1748
14	joeyh	1855	- The dtsa script should have support for updating the list file
15			when running it on an advisory that it's already been run on before.
16			This would facilitate issuing asvisories, which often takes a few runs
17			before the final one is sent. Alternatively, get rid of the DTSA/list
18			file (do we need it for anything really?)
19
20	joeyh	1657	* Merge stuff into security.debian.org. Long term, but we need to keep in
21	joeyh	1748	mind that the current archive setup is just to get bootstrapped.
22	jmm-guest	2152
23			* Web overview
24	joeyh	2157	- checklist setup for unstable needs to be fixed to ignore Hurd
25	jmm-guest	2152
26			* Florian's overview should be moved to secure-testing.debian.net, but
27			Florian wants to resolve some issues before.
28
29			* Write the script that digs through the security bugs
30
31			* Write the script that handles the transfer between secure-testing and testing
32			wrt incomplete archs (aba)
33
34			* Improve the developer's reference wrt security bugs (micah)
35
36			* Document that finalized syntax
37
38			* Review open security bugs and tag the wrt versioned bug tracking
39
40			* Create a repo of security patches
41
42	joeyh	2464	* Add user tags to security bugs to add a CVE number and a "tracked" for each analyzed
43	jmm-guest	2152	security bug.
44
45			* Retroactive updating of the list for not-affected and others
46
47			* Document all our stuff and work
48
49			* Implement the HELP tag and add it to some outstanding issues
50
51			* Link source package specific overview into the PTS
52
53