On Mon, Oct 06, 2003 at 03:58:07PM -0700, Adam McKenna wrote: > On Mon, Oct 06, 2003 at 05:54:09PM -0500, Steve Langasek wrote: > > > Because it is the only thing I could find that reflects Debian's > > > take on security fixes: feature backports are to be avoided. > > That's because it's the position of the *Security Team*, and is > > certainly not binding on other developers who are making changes to > > packages in *unstable*. > I don't see how the package being in unstable affects any part of this > argument. Will the feature backport be less desirable when the > kernel-source package is released in a stable revision of Debian? Being desirable or not doesn't matter, because there's a policy about what kinds of changes will be accepted to stable releases of packages -- a policy enforced by the stable release manager and the security team. This is a policy governing *the scope of changes made to released packages*, and does not limit what developers are allowed to do to packages prior to release. The difference is clear when you consider that this policy is being used to argue against deviating from upstream releases, when in fact the security backport policy *invariably* results in deviation from upstream releases in stable security updates. So you can argue for whatever set of rules you'd like, but that does not make it "Debian's take" on security fixes (to packages in unstable). -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature