[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Outrage at Debian dropping security for 2.1

On Sat, Sep 30, 2000 at 07:38:03AM +0100, Steve Dobson wrote:
> At work I upgraded to potato way to early; because I wanted one of the
> cool new features of one of the packages -- I forget which now.  This was
> a mistake, I spent far to much time updating the systems trying to get it
> to a stable state.

If upgrading to potato (i.e. stable) had failed, you should have filed bug

> If I had to upgrade to the latest version of unstable Debian to get a
> needed security fix that is an unacceptable requirement on me as a user.

But nobody is asking anyone to upgrade to latest _unstable_, it's the latest
_stable_ we're talking about. Which is supposed to be considerably easier to
upgrade to.

> We need to define a reasonable period over which we support both the
> stable and the obsolete versions.

Whatever we define, we must implement. Unless people volunteer to do the

> It would also be polite to announce when we would be cutting support. 
> Users would then know when they need to act by. Jut cutting support is a
> bit like putting a gun to the users head and saying upgrade to potato now
> or suffer.

Of course. Our security team even asked the users through the
-security-announce list if they wouldn't mind cutting support at some

Digital Electronic Being Intended for Assassination and Nullification

Reply to: