[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [developers-l] Re: [debian-devel] Re: security enhanced debian branch?



On Fri, Dec 19, 2003 at 11:54:21AM +1100, Russell Coker wrote:

> >   If there's interest I would be happy to supply an unstable compiled
> >  version in addition to the stable version.
> 
> Please do so!  Most of the active development is done on unstable, so that's 
> where you want to be if you are developing anything to go in the next version 
> of main.

  Yes this seems reasonable, and it was very easy to enable for
 unstable.

  I was just interested in the stable distribution to minimize the work
 tracking the packages, and for the stable boxes I maintain.

  I will setup a buildd and start work on unstable shortly in my
 Christmas break.

> Also is there any reason not to upload binaries compiled with SSP to Debian?

  I see no reason why not, if they have been tested before upload there
 are no additional dependencies.  I spotted a couple of minor things
 that I'd like to change with the SSP patches themselves, but nothing
 major.  (Trivial things like logging to syslog when programs are
 terminated, etc).

   
> >   However I was interested in compiling core packages and this is more
> >  interseting for stable, partly because there aren't likely to be major
> >  updates - so I'm not constantly rebuilding the packages when updates
> >  occur, and partly because I have a lot of production servers running
> >  stable for which security is important.
> 
> This is where the work gets difficult.  To achieve your aims of getting this 
> in Debian/main you will have to keep a current archive of the core packages 
> for some period of time.  When sarge gets released it should free up some of 
> the people who have been doing woody back-ports to help you with this.

  Agreed.

Steve
--
# All I want for Christmas
# is a interesting new job



Reply to: