Re: What should I do.
Hi Ola,
On Tue, 27 Feb 2001, Ola Lundqvist wrote:
> I have got some questions about updating horde and imp for potato.
> The reason is that the upstream have released a new fixed version
> with mostly security fixes. Actually just security fixed and maybe
> some language translations.
> The install scripts have benn changed quite a lot from the potato
> release and I think it is better, but it changes some of the
> configuration strategy and also now depends on a package
> wwwconfig-common that eases the configuration for horde, imp and dcl.
> Should I upload anything to stable. There is no critical security
> bugs, but some minor ones.
> Should I backport all fixes?
> Should I just upload the one that are for sid? But then there is
> a problem with the package dependencies... That is not an option...
> Should I use the same install scripts (maybe with some minor fixes)
> and use the upstream source?
IMHO, imp and horde are such fast-moving targets that the only reasonable
option is to backport the fixes. So much of IMP's functionality is bound up
in configuration files -- config files whose contents and formats /change/
between releases -- that I think it would otherwise be a nightmare for the
admin trying to upgrade... This is not something we want to happen in stable.
:( The 'security fixes only' POV argues that an admin should /not/ have to
learn new configuration settings in order to keep his potato box secure.
> Should I let this be debian-qa business?
Not a question I know the answer to. :)
Regards,
Steve Langasek
postmodern programmer
Reply to: