[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security updates to wheezy-backports vs. -sloppy

* Colin Watson <cjwatson@debian.org> [160117 18:42]:
> Mainly I just want to confirm that it's OK to cherry-pick security
> patches in this way, rather than the alternative of telling
> wheezy-backports users that they have to use wheezy-backports-sloppy to
> get security fixes.

The contribute instructions[1] (in my reading) explicitly allow this:

"Of course there are some exceptions: Security updates. If your
package had a security update you can upload a new backport even if
its not yet in testing."

Obviously care neds to be taken to not break the upgrade path / version
numbering scheme.

I'd base the wheezy-backports upload on the jessie-security
version, but you'd know best what to base your upload on.

[1] http://backports.debian.org/Contribute/

 ,''`.  Christian Hofstaedtler <zeha@debian.org>
: :' :  Debian Developer
`. `'   7D1A CFFA D9E0 806C 9C4C  D392 5C13 D6DB 9305 2E03

Reply to: