X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=pkgs.dbk;h=873c42c4e7d0678c609153727434f581e58401f8;hb=52dc65cfa7d8ecbd0c6631fa9ca9c61be60be0a6;hp=768a8cce6d285fe571f95c7cb418658cf476a560;hpb=09e125ec82ca59b994894e07b977ea10c73573e0;p=developers-reference.git

diff --git a/pkgs.dbk b/pkgs.dbk
index 768a8cc..873c42c 100644
--- a/pkgs.dbk
+++ b/pkgs.dbk
@@ -290,9 +290,9 @@ There are several possible values for this field: <literal>stable</literal>,
 <literal>unstable</literal>.
 </para>
 <para>
-Actually, there are two other possible distributions: <literal>stable-security</literal>
-and <literal>testing-security</literal>, but read
-<xref linkend="bug-security"/> for more information on those.
+Actually, there are other possible distributions:
+<replaceable>codename</replaceable><literal>-security</literal>,
+but read <xref linkend="bug-security"/> for more information on those.
 </para>
 <para>
 It is not possible to upload a package into several distributions at the same
@@ -443,8 +443,8 @@ parameter to put the package into one of the queues.
 <title>Security uploads</title>
 <para>
 Do <emphasis role="strong">NOT</emphasis> upload a package to the security
-upload queue (<literal>oldstable-security</literal>, <literal>stable-security</literal>,
-etc.) without prior authorization from the security team.  If the
+upload queue (on <literal>security-master.debian.org</literal>)
+without prior authorization from the security team.  If the
 package does not exactly meet the team's requirements, it will cause many
 problems and delays in dealing with the unwanted upload.  For details, please
 see <xref linkend="bug-security"/>.
@@ -843,10 +843,9 @@ fixing them themselves, sending security advisories, and maintaining
 <para>
 When you become aware of a security-related bug in a Debian package, whether or
 not you are the maintainer, collect pertinent information about the problem,
-and promptly contact the security team, preferably by filing a ticket in
-their Request Tracker.
-See <ulink url="http://wiki.debian.org/rt.debian.org#Security_Team"></ulink>.
-Alternatively you may email &email-security-team;.
+and promptly contact the security team by emailing &email-security-team;. If
+desired, email can be encrypted with the Debian Security Contact key, see
+<ulink url="https://www.debian.org/security/faq#contact"/> for details.
 <emphasis role="strong">DO NOT UPLOAD</emphasis> any packages for
 <literal>stable</literal> without contacting the team.  Useful information
 includes, for example:
@@ -1122,11 +1121,10 @@ Be sure to verify the following items:
 <listitem>
 <para>
 <emphasis role="strong">Target the right distribution</emphasis>
-in your <filename>debian/changelog</filename>.
-For <literal>stable</literal> this is <literal>stable-security</literal> and
-for <literal>testing</literal> this is <literal>testing-security</literal>, and for the previous
-stable release, this is <literal>oldstable-security</literal>.  Do not target
-<replaceable>distribution</replaceable><literal>-proposed-updates</literal> or
+in your <filename>debian/changelog</filename>:
+<replaceable>codename</replaceable><literal>-security</literal>
+(e.g. <literal>wheezy-security</literal>).
+Do not target <replaceable>distribution</replaceable><literal>-proposed-updates</literal> or
 <literal>stable</literal>!
 </para>
 </listitem>
@@ -1154,8 +1152,9 @@ later distributions.  If in doubt, test it with <literal>dpkg
 --compare-versions</literal>.  Be careful not to re-use a version number that
 you have already used for a previous upload, or one that conflicts with a
 binNMU. The convention is to append
-<literal>+</literal><replaceable>codename</replaceable><literal>1</literal>, e.g.
-<literal>1:2.4.3-4+lenny1</literal>, of course increasing 1 for any subsequent
+<literal>+deb</literal><replaceable>X</replaceable><literal>u1</literal> (where
+<replaceable>X</replaceable> is the major release number), e.g.
+<literal>1:2.4.3-4+deb7u1</literal>, of course increasing 1 for any subsequent
 uploads.
 </para>
 </listitem>
@@ -1194,8 +1193,8 @@ have such a system yourself, you can use a debian.org machine (see
 <title>Uploading the fixed package</title>
 <para>
 Do <emphasis role="strong">NOT</emphasis> upload a package to the security
-upload queue (<literal>oldstable-security</literal>, <literal>stable-security</literal>,
-etc.) without prior authorization from the security team.  If the
+upload queue (on <literal>security-master.debian.org</literal>)
+without prior authorization from the security team.  If the
 package does not exactly meet the team's requirements, it will cause many
 problems and delays in dealing with the unwanted upload.
 </para>
@@ -1520,12 +1519,13 @@ still be present in the <ulink url="&snap-debian-org;">snapshot archive</ulink>.
 </para>
 <para>
 The version control system used by the previous maintainer might contain useful
-changes, so it might be a good idea to have a look there.  Check if the control
+changes, so it might be a good idea to have a look there.  Check if the <filename>control</filename>
 file of the previous package contained any headers linking to the version
 control system for the package and if it still exists.
 </para>
 <para>
-Package removals from unstable (not testing, stable or oldstable) trigger the
+Package removals from <literal>unstable</literal> (not <literal>testing</literal>,
+<literal>stable</literal> or <literal>oldstable</literal>) trigger the
 closing of all bugs related to the package. You should look through all the
 closed bugs (including archived bugs) and unarchive and reopen any that were
 closed in a version ending in <literal>+rm</literal> and still apply. Any that