Re: developer's guide to security updates
On Fri, Jun 14, 2002 at 01:37:51AM -0400, Jimmy Kaplowitz wrote:
> So, in that case, the unstable version would not get the fix until: (1)
> the fix was accepted by the security infrastructure for testing; (2) the
> fix showed up in testing; (3) a new version was uploaded to unstable.
> Does this mean that unstable would actually lag behind testing for
> security updates?
If the maintainer were uploading a new version anyway, presumably the
security fix would be included as well. The only instance where this would
not be preferable would be where the security problem is confidential, in
which case unstable should absolutely lag behind, since it is public.
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com