[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Hi, I've installed woody on my Alphaserver, but the packages on it are quite old so I was looking for something a little more up to date, even if it's not that stable, that's ok. Going to the debian.org website for this, it was not immeiately clear to me which ISO's I needed to download, so

On Mon, May 10, 2004 at 03:13:03AM -0700, Phil Carmody wrote:
> --- Helge Kreutzmann <kreutzm@itp.uni-hannover.de> wrote:
> > There is testing, solid, very seldom breakages, quite current. No
> > security support.
> What do you mean by "no security support"? Simply that, because this is an
> actively developed configuration, there's no special support for security
> issues, as that's already covered by the standard development cycle that all
> packages have?

If in package A a security issue is found, the security team will
release a security update for "stable". The package maintainer will
upload a new version to "unstable". Now, even if the priority is set
to high, it takes a few days to propagate to "testing" -- provided no
new RC bugs are found in the packages or its dependencies.

As an example, kde3 hit testing not to long ago. So, testing users did
not get the security update for kde2 (well, I did not check, maybe the
security update for stable worked in this case), but neither got a new
version since it had not hit testing. This is not against KDE, just to
illustrate the case at hand.

Generally though, it only takes a few days for security updates to
propagate, and a cautios admin could use pinning to selectivly pull in
security related issues even if they have not yet hit testing.



Helge Kreutzmann, Dipl.-Phys.               Helge.Kreutzmann@itp.uni-hannover.de
  gpg signed mail preferred    gpg-key: finger kreutzm@zibal.itp.uni-hannover.de
    64bit GNU powered                  http://www.itp.uni-hannover.de/~kreutzm
       Help keep free software "libre": http://www.freepatents.org/

Attachment: pgpa8U6UkthuL.pgp
Description: PGP signature

Reply to: