On Mon, May 29, 2000 at 08:52:48PM +1000, Anand Kumria wrote: > > is no annoucement but silently discussed on some -devel mailinglist and > > installed into the archive?? > As it should be. unstable == alpha; frozen == beta. Neither have been > released. > > If the security flaw exists in a released version of Debian then > we should be telling the world of our fix - otherwise they don't > need to know. Security announcements serve a few purposes: * tell users who never (or irregularly) upgrade to upgrade now * share the problem/fix with other distributors (or OEMs) * give everyone the impression that we're actually resolving issues Pretty well all of these apply to frozen & unstable as well as to stable (although perhaps they don't apply as well to Mandrake betas). Not everyone running unstable has the bandwidth to upgrade everything every day. Cheers, aj -- Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/> I don't speak for anyone save myself. GPG encrypted mail preferred. ``We reject: kings, presidents, and voting. We believe in: rough consensus and working code.'' -- Dave Clark
Attachment:
pgpAROXvKJvCr.pgp
Description: PGP signature