
Re: Unofficial Debian 'testing' FAQ (was Re: Packages in queue for woody?)



On Sat, Dec 08, 2001 at 07:46:11PM +0100, Jan Nieuwenhuizen wrote:
> Jules Bean <jules@jellybean.co.uk> writes:
> I'm missing the most important question:
>   1.1  Is testing secure?

That's not a really well formed question.

    1.1  How are security updates for testing managed?

    They're not. [...]

might give a better way of looking at it.

Security updates generally go in automatically under the usual
rules (and security updates should generally be uploaded with high or
emergency/critical urgency to make sure the wait's as short as possible),
but may be delayed either by architectures failing to build them, or
because of dependency issues.

There's support in the code for (or, at least, I'm willing to support)
a security team to upload security fixes compiled with the versions of
various libraries in testing to woody-proposed-updates and have them
be added immediately, but there's no security team who have the time to
track security problems in testing/unstable and do uploads, or for that
matter, machines to do the uploads from.

> At least, that is how I understand it; maybe things have changed?

I don't know of any way to make testing significantly more secure without
either (a) breaking it, or (b) having some people spend significant amounts
of time tracking the issues. I'm 

Cheers,
aj


