Re: Bits from the Security Team (for those that care about bits)
- To: debian-devel@lists.debian.org
- Subject: Re: Bits from the Security Team (for those that care about bits)
- From: Goswin von Brederlow <goswin-v-b@web.de>
- Date: Wed, 26 Jan 2011 14:47:52 +0100
- Message-id: <[🔎] 87ipxb6ak7.fsf@frosties.localnet>
- In-reply-to: <201101232332.11736.thijs@debian.org> (Thijs Kinkhorst's message of "Sun, 23 Jan 2011 23:32:07 +0100")
- References: <201101232332.11736.thijs@debian.org>
Thijs Kinkhorst <thijs@debian.org> writes:
> * Issues in specific packages
>
> We further discussed some specific problematic packages. One example is
> ia32-libs, which is difficult because it includes 100+ other source
> packages. This will be handled better for Squeeze: we'll have to ensure
> it's as up to date as possible at time of release, and will keep
> updating it in stable point updates to include newer package versions
> from the security archive (or the stable release itself).
A while back I looked into making the detection of security bugs in
ia32-libs (which is all just code duplication of other packages)
automatic. But the config for that detection would have needed 100+
config entries, which would ahve become verry ugly to maintain.
Has there been any change for this?
MfG
Goswin
Reply to: