email@example.com wrote: > I currently run Sarge on a few machines, but as I understand Debian policy, > Sarge does not receive security updates. The only security updates I can > expect are for Woody, so this makes Sarge unreliable for a production > environment. Increasingly innaccurate; see http://merkel.debian.org/~joeyh/testing-security.html In the case of the recent kernel holes, IIRC the 2.6 kernel is now fixed in sarge, while 2.4 is bring blocked out due to some other RC bugs (though I've been working to let it in anyway). > I guess this is a good time for me to try to see if I can help the > Debian Security Folks out if they need it. If you have the ability to work on verifying and patching security hole then you can certianly help the _Sarge_ security team. We're not yet able to offer complete security support for sarge due to a lack of some set up autobuilders for the t-p-u queue, but we are doing a lot of work and managing to get most security holes fixed in sarge ASAP. -- see shy jo  Over the atlantic and can't check.
Description: Digital signature