Re: testing security (was Re: testing and no release schedule

To: Nathanael Nerode <neroden@twcny.rr.com>
Cc: debian-devel@lists.debian.org
Subject: Re: testing security (was Re: testing and no release schedule
From: Adrian Bunk <bunk@fs.tum.de>
Date: Fri, 2 Apr 2004 02:20:19 +0200
Message-id: <[🔎] 20040402002019.GF7694@fs.tum.de>
Mail-followup-to: Adrian Bunk <bunk@fs.tum.de>, Nathanael Nerode <neroden@twcny.rr.com>, debian-devel@lists.debian.org
In-reply-to: <[🔎] c4glng$44i$1@sea.gmane.org>
References: <20040326004250.GI16746@fs.tum.de> <20040326004711.GO23358@flounder.net> <1080332905.777.10.camel@alpha> <1080575649.3481.39.camel@minas-tirith.u-bordeaux3.fr> <c4at6q$o0n$1@sea.gmane.org> <pan.2004.03.30.07.11.59.749222@smurf.noris.de> <[🔎] c4glng$44i$1@sea.gmane.org>

On Thu, Apr 01, 2004 at 04:00:32AM -0500, Nathanael Nerode wrote:
> Matthias Urlichs wrote:
> 
> > Hi, Nathanael Nerode wrote:
> > 
> >>  I always thought
> >> that "best practice" was for maintainers to make new uploads to unstable
> >> when there's a security update, which they do -- but *also* to make
> >> security uploads to testing-proposed-updates.  This doesn't seem to
> >> actually be done very often, unfortunately, even by otherwise very
> >> diligent
> >> maintainers.  :-P  I'm not sure why -- maybe testing-proposed-updates
> >> simply isn't well-known or well-understood?  Or maybe it isn't processed
> >> efficiently?
> > 
> > If there are no dependency issues, Priority: high (or even "emergency",
> > which doesn't seem to be that well-known either) works just as well.
> Yeah; there often are dependency issues, of course.

And not to forget the build dependency issues.

The testing scripts ignore build dependencies - and how would you do an 
upload of a fixed package to testing if the package's build dependencies 
can't be fulfilled in testing?

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

Reply to:

Follow-Ups:
- Re: testing security (was Re: testing and no release schedule
  - From: Matthias Urlichs <smurf@smurf.noris.de>

References:
- Re: testing security (was Re: testing and no release schedule
  - From: Nathanael Nerode <neroden@twcny.rr.com>

Prev by Date: Re: raising severity of reports filed for packages build-depending on gcc-3.2
Next by Date: Re: raising severity of reports filed for packages build-depending on gcc-3.2
Previous by thread: Re: testing security (was Re: testing and no release schedule
Next by thread: Re: testing security (was Re: testing and no release schedule
Index(es):
- Date
- Thread