[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: False information on backports.org

Hi there,

On Tuesday 09 October 2007 20:19, Martin Ammermüller wrote:
> >  You can also shoot into your foot if you like. Pulling every package
> > from backports instead of just the ones you really need is a pretty bad
> > idea.
> Why?

* you will lose security support of stable security team
* maybe a bad maintained backport will have security holes open for ages
* maybe a backport aren't stable enought for productive environment
* maybe a backport with change abi(s)
* maybe a backport isn't maintained anymore (carefully)

> Currently i have 1104 packages installed including 98 packages from
> backports.org. That's only nearly 7.8% of all installed packages. I don't
> know why i should switch to testing. About 70 of these packages from
> backports.org are there because of KDE 3.5.7. I won't pin 70 packages by
> hand, switching back and forth between aptitude and editing
> /etc/apt/preferences because i have to pin all dependencies, too.

I never used pinning in relation with bpo, "aptitude -t [sarge|etch]-backports 
install <package>" did work absolut perfectly and as expected. Dunno why 
anybody want to use pinning instead.

With kind regards, Jan.
Never write mail to <waja@spamfalle.info>, you have been warned!
Version: 3.1
GIT d-- s+: a- C+++ UL++++ P+ L+++ E- W+++ N+++ o++ K++ w--- O M V- PS PE
Y++ PGP++ t-- 5 X R tv- b+ DI- D++ G++ e++ h-- r+++ y+++

Attachment: pgp6_deJ9xEII.pgp
Description: PGP signature

Reply to: