Re: security in testing
On Sun, May 18, 2003 at 02:08:28AM +1200, Nick Phillips wrote:
> On Wed, May 14, 2003 at 01:27:12PM -0400, Matt Zimmerman wrote:
> > On Wed, May 14, 2003 at 10:03:32AM -0500, Steve Langasek wrote:
> >
> > > Figuring that a security upload would be preferable, I approached the
> > > security team and offered to prepare an upload. I was effectively told
> > > that this isn't done, and because it isn't done, most testing users don't
> > > have security.d.o in their sources.list, so don't bother.
> >
> > This is an excellent point.
>
> Really? I think it's a pisspoor point.
That's probably because you completely missed it.
> If people like Steve, who maintain important packages like Samba, bother
> to create the necessary packages, then:
>
> a) It's a good start -- once people see these things starting to appear,
> more maintainers will bother, and users will start to put the relevant
> lines in their sources.list;
> b) They damn well should be made available.
I absolutely agree. What are you doing to make this happen? Sounds like we
need volunteers to process testing-proposed-updates.
> > Testing users do not have such an entry in sources.list, so any other
> > repository would be on equal footing. However, so far no one has taken
> > any action to coordinate this, nor has anyone prepared updates for
> > testing that would occupy such a repository.
>
> If this other repository had access to autobuilding facilities, then yes,
> it might be on an equal footing.
testing-proposed-updates does.
--
- mdz
Reply to: