
Re: Updating scanners and filters in Debian stable (3.1)



Wouter Verhelst <wouter@grep.be> writes:

> On Thu, Sep 16, 2004 at 10:58:54AM -0700, Thomas Bushnell BSG wrote:
> > Tomas Fasth <tomfa@debian.org> writes:
> > 
> > > Shouldn't this be handled as security updates anyway? The security
> > > team could expand its scope to take care of these matters as well.
> > > That would make things work within current scheme, provided that
> > > they get enough volunteers to handle the workload.
> > 
> > It should be easy to get the volunteers.  The assumption here is that
> > the maintainers of the packages in question are willing and interested
> > to keep it up to date, but don't have a way to push the changes to
> > users.
> > 
> > Of course, they do have a way: the security archive.
> 
> That's not what the security archive is for. Granted, the updates are
> needed for the security of your system, but that doesn't make it a
> security update, does it?

I don't see why not.  A security update is a fix to a package that
enables it to behave more securely.  That should apply to both passive
fixes (like getting rid of a buffer overflow) and active ones (like
adding a new virus pattern rule).

More specifically, this is why we have the security archive: to enable
rapid response fixes for the stable release that are necessary for
security, so that they don't have to go through the normal stable
updates procedure.

Thomas


