Re: security.debian.org mirrors?

[Martin Schulze <joey@finlandia.Infodrom.North.DE>]

Marcelo E. Magallon wrote:
> On Thu, Sep 02, 1999 at 10:18:14PM -0700, Guy Maor wrote:
> 
> > date?  Every time you want to put a package on security.debian.org,
> > instead install it to stable and make a point-release.
> 
> Ok.  We are getting somewhere here.  Please excuse me for being stubborn. 
> Exactly what does the maintainer making the security fix do?  He uploads the
> package to master with distribution set to stable, and _also_ uploads it to

Upload should only go to stable, then inform the security team.  It will
have to prepare an advisory, watch other arch's uploading packages as
well and will move it to security.d.o.

> that right?  If so, dinstall picks the new release withing the next 24
> hours and it gets installed in proposed-updates.  Is this right so far?  So,

right.

> Now, my problem is some users don't want everything in proposed-updates. 
> Could we _please_ have security-updates on master archive?  Just a bunch of

Why on master?  Why not use security.debian.org?  That's one of its
purposes.

> For example, I just looked in proposed updates, and I found this entry in
> one of the packages:
> 
>    * /usr/share/doc
> 
> See my point now?  There are 15 .changes files there and only 5 explicitly

That's why it is proposed-updates and not stable.  I'm sure you've read
the list Wichert and I have prepared to get 2.1r3 done.  It is relatively
conservative.

Regards,

	Joey

-- 
There are lies, statistics and benchmarks.

Please always Cc to me when replying to me on the lists.