[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Food for thought - SECURITY (design flaw?)

On Mon, Feb 12, 2001 at 10:43:33AM -0200, Carlos Carvalho wrote:
> Andreas Tille (tillea@rki.de) wrote on 12 February 2001 11:32:
>  >IMHO people of security team shouldn't spend their time to serve
>  >security fixes for testing.  People who want to use testing on
>  >security relevant machines should know what they do and should be
>  >able to handle those issues themselves.  Those hazardeurs could try
>  >to fix important bugs of the package which is stick to unstable for
>  >whatever reason which would help the whole distribution or backport
>  >the stuff themself.
> What's the purpose of testing exactly? If it's a preparation for
> becoming stable it should obviously include the security fixes,
> otherwise when the transition testing -> stable happens you're... If
> it's not a preparation for stable it has no purpose.

It is preparation for becoming stable, but not "on half a moment's
notice".  Security fixes go into unstable and trickle into testing. 
The principal, I think, is that we can throttle the packages being
allowed into testing for an easier release cycle.


/--------------------------------\  /--------------------------------\
|       Daniel Jacobowitz        |__|        SCS Class of 2002       |
|   Debian GNU/Linux Developer    __    Carnegie Mellon University   |
|         dan@debian.org         |  |       dmj+@andrew.cmu.edu      |
\--------------------------------/  \--------------------------------/

Reply to: