[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: security.debian.org mirrors?

Guy Maor wrote:
> Wichert Akkerman <wichert@cs.leidenuniv.nl> writes:
> > The reasoning is that proposed-updated contains a lot of packages, some
> > of which might be broken (no check on uploading & installing). And we
> > don't want to encourage people to automatically upgrade to those, but we
> > do want to be able to allow people to automatically upgrade only
> > security-fixes.
> That's silly.  Why not apply the labor that goes into keeping
> security.debian.org up-to-date and put it toward keeping stable up to
> date?  Every time you want to put a package on security.debian.org,
> instead install it to stable and make a point-release.

A package should only get in security.debian.org if it is already uploaded
to proposed-updates or if an update has been made and waits for the next
dinstall run, this implies checking the .changes file, though.

I won't do point releases for each and every package, but combine
a bunch of them.  The Security Policy that I've proposed says that
we will try to get a point release every one or two months, which
sounds proper.



There are lies, statistics and benchmarks.

Please always Cc to me when replying to me on the lists.

Reply to: