Re: Updating scanners and filters in Debian stable (3.1)
Wouter Verhelst <wouter@grep.be> writes:
> On Thu, Sep 16, 2004 at 10:58:54AM -0700, Thomas Bushnell BSG wrote:
> > Tomas Fasth <tomfa@debian.org> writes:
> >
> > > Shouldn't this be handled as security updates anyway? The security
> > > team could expand its scope to take care of these matters as well.
> > > That would make things work within current scheme, provided that
> > > they get enough volunteers to handle the workload.
> >
> > It should be easy to get the volunteers. The assumption here is that
> > the maintainers of the packages in question are willing and interested
> > to keep it up to date, but don't have a way to push the changes to
> > users.
> >
> > Of course, they do have a way: the security archive.
>
> That's not what the security archive is for. Granted, the updates are
> needed for the security of your system, but that doesn't make it a
> security update, does it?
I don't see why not. A security update is a fix to a package that
enables it to behave more securely. That should apply to both passive
fixes (like getting rid of a buffer overflow) and active ones (like
adding a new virus pattern rule).

More specifically, this is why we have the security archive: to enable
rapid response fixes for the stable release that are necessary for
security, so that they don't have to go through the normal stable
updates procedure.

Thomas