[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Announcing EOL for Jessie images

On Sun, 21 Oct 2018, Noah Meyerhans wrote:
> I'm sure a lot of it is a matter of perception, but the level of
> integration of LTS with the stable lifecycle does not seem as deep as
> someone familiar with Debian stable might expect it to be. For example,
> security announcements being published to a list other than
> debian-security-announce makes it feel very unofficial and does not
> invoke the same level of confidence in the commitment (it is somewhat
> remeniscent of the secure-testing effort).

I don't think that the security team is ready to open up the gate
of their list to us. But the commitment should be judged over
our longevity. It's been 5 years already and in practice we support almost
as many packages as the main security team does (because we have enough
resources nowadays).

> Lack of integration with packages.debian.org and incomplete coverage of
> the archive also present problems. 

packages.debian.org does cover the security suites, so LTS packages are
covered, I'm not sure what you are referring to here. The main problem
is that the updates only live on security.debian.org, they are never
merged back in the main suite (because we don't do further point

> For exaple, despite the existence of
> DLA 1531, I cannot find evidence of a 4.9 kernel for jessie on
> packages.debian.org except in jessie-backports, and backports is well
> documented as not having official security support. (Again, I realize
> that this may be a matter of visibility and perception.)


Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

Attachment: signature.asc
Description: PGP signature

Reply to: