smj@littleprojects.org wrote: > I currently run Sarge on a few machines, but as I understand Debian policy, > Sarge does not receive security updates. The only security updates I can > expect are for Woody, so this makes Sarge unreliable for a production > environment. Increasingly innaccurate; see http://merkel.debian.org/~joeyh/testing-security.html In the case of the recent kernel holes, IIRC[1] the 2.6 kernel is now fixed in sarge, while 2.4 is bring blocked out due to some other RC bugs (though I've been working to let it in anyway). > I guess this is a good time for me to try to see if I can help the > Debian Security Folks out if they need it. If you have the ability to work on verifying and patching security hole then you can certianly help the _Sarge_ security team. We're not yet able to offer complete security support for sarge due to a lack of some set up autobuilders for the t-p-u queue, but we are doing a lot of work and managing to get most security holes fixed in sarge ASAP. -- see shy jo [1] Over the atlantic and can't check.
Attachment:
signature.asc
Description: Digital signature