On Fri, Feb 07, 2003 at 02:10:15PM +1000, Anthony Towns wrote:
> * That anyone would bother maintaining security updates for
> testing.
In particular, security updates have _always_ needed to be done
out-of-band, even way back in the day:
] 3.1 Uploading a package
] ...in order to fix a release-critical bug in prerelease
]
] The only time when the above, overly cautious, procedure is not
] workable, is when a package needs to be rushed into prerelease. This
] is exactly when a release-critical bug is being fixed (whether there
] be a bug report on it or no).
]
] The correct procedure to follow in this case, should be that the
] package is uploaded to "prerelease" with urgency=medium or high.
]
] At this point the release group should be automatically informed that
] the update is available, and presuming that it hasn't been uploaded to
] prerelease by mistake, install it into prerlease ASAP.
]
] If the release-critical fixes involved security fixes, then once the
] package is installed, a mail should be sent to the -security-announce
] list describing the problem, and similar information should be added
] to the web site.
-- http://lists.debian.org/debian-devel/1998/debian-devel-199808/msg00002.html
Cheers,
aj
--
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.
``Dear Anthony Towns: [...] Congratulations --
you are now certified as a Red Hat Certified Engineer!''
Attachment:
pgpIX43Ux9PIA.pgp
Description: PGP signature