On Mon, May 29, 2000 at 08:52:48PM +1000, Anand Kumria wrote:
> > is no annoucement but silently discussed on some -devel mailinglist and
> > installed into the archive??
> As it should be. unstable == alpha; frozen == beta. Neither have been
> released.
>
> If the security flaw exists in a released version of Debian then
> we should be telling the world of our fix - otherwise they don't
> need to know.
Security announcements serve a few purposes:
* tell users who never (or irregularly) upgrade to upgrade now
* share the problem/fix with other distributors (or OEMs)
* give everyone the impression that we're actually resolving issues
Pretty well all of these apply to frozen & unstable as well as to stable
(although perhaps they don't apply as well to Mandrake betas). Not everyone
running unstable has the bandwidth to upgrade everything every day.
Cheers,
aj
--
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG encrypted mail preferred.
``We reject: kings, presidents, and voting.
We believe in: rough consensus and working code.''
-- Dave Clark
Attachment:
pgpAROXvKJvCr.pgp
Description: PGP signature