Re: apt needs to have a security.debian.org deb entry by default

To: Debian Boot <debian-boot@lists.debian.org>
Subject: Re: apt needs to have a security.debian.org deb entry by default
From: "Martin Bialasinski" <martin@internet-treff.uni-koeln.de>
Date: 12 Oct 1999 12:26:44 +0200
Message-id: <[🔎] 8790586fiz.fsf@haitech.martin.home>
In-reply-to: Stephane Bortzmeyer's message of "Tue, 12 Oct 1999 08:57:43 +0200"
References: <[🔎] 199910120657.IAA20936@ezili.sis.pasteur.fr>

* "Stephane" == Stephane Bortzmeyer <bortzmeyer@pasteur.fr> wrote:

Stephane> security.debian.org may include tools with very few
Stephane> testing. I'm not sure it is a good idea. Normal security
Stephane> updates, for normal people, are intended to be done by
Stephane> "stable"'s updates (yes, I know nobody really cares about
Stephane> "slink", I regret it), not by RedHat's method of having a
Stephane> separate upload for security updates.

I recently saw a mail from Wichert or Joey where he described the
method of security updates in Debian.

Step one was upload to security.debian.org, step two was announcement, 
step three was upload to stable-updates and step four was a new stable 
revision every two or three months.

Note that many security holes have to be fixed immediatelly. Noone can 
wait for a new stable revision for a remote root compromise.

Also note that security.debian.org only has packages uploaded by the
security team. stable-update has all kind of stuff in them (some of it 
doesn't make it into the next revision).

So I think security.debian.org should be a standard source for apt.

Ciao,
	Martin

Reply to:

References:
- Re: apt needs to have a security.debian.org deb entry by default
  - From: Stephane Bortzmeyer <bortzmeyer@pasteur.fr>

Prev by Date: Debian Boot Floppies CVS: boot-floppies marcel
Next by Date: New troubles with busybox init
Previous by thread: Re: apt needs to have a security.debian.org deb entry by default
Next by thread: Re: problem building for sparc
Index(es):
- Date
- Thread