Re: apt needs to have a security.debian.org deb entry by default
* "Stephane" == Stephane Bortzmeyer <email@example.com> wrote:
Stephane> security.debian.org may include tools with very few
Stephane> testing. I'm not sure it is a good idea. Normal security
Stephane> updates, for normal people, are intended to be done by
Stephane> "stable"'s updates (yes, I know nobody really cares about
Stephane> "slink", I regret it), not by RedHat's method of having a
Stephane> separate upload for security updates.
I recently saw a mail from Wichert or Joey where he described the
method of security updates in Debian.
Step one was upload to security.debian.org, step two was announcement,
step three was upload to stable-updates and step four was a new stable
revision every two or three months.
Note that many security holes have to be fixed immediatelly. Noone can
wait for a new stable revision for a remote root compromise.
Also note that security.debian.org only has packages uploaded by the
security team. stable-update has all kind of stuff in them (some of it
doesn't make it into the next revision).
So I think security.debian.org should be a standard source for apt.