[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: testing vs stable (was Re: broadcom drivers debian (was RE: Debian Installer - Problems Partitioning))



On Mon, Jun 07, 2004 at 08:37:46PM -0400, Dan M. MacNeil wrote:
> http://www.nl.debian.org/security/faq#testing

> Q: How is security handled for testing and unstable?

> A: The short answer is: it's not. Testing and unstable are rapidly moving
> targets and the security team does not have the resources needed to
> properly support those. If you want to have a secure (and stable) server
> you are strongly encouraged to stay with stable. However, the security
> secretaries will try to fix problems in testing and unstable after they
> are fixed in the stable release.

> It is my subjective experience that the security team is actually pretty
> good about updating testing.  For example the postgresql update applied to
> both testing & stable.

This would be very subjective indeed, because the security team does
nothing to directly address security holes in testing.  The most they do
is to document whether the bug affects testing.

-- 
Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature


Reply to: