Re: Updating scanners and filters in Debian stable (3.1)
* Martin Schulze <joey@infodrom.org> [2004-09-15 20:05]:
> New upstream versions often require new libraries.
And they often don't. Obviously, the policy for updates should take
this into account and say what is permitted and what is not.
Requiring a bunch of new libraries would be outside of the scope of an
update.
> New upstream versions can require new file formats and cause other
> integrity problems.
Again, that's a good point but no argument against any update. There
are plenty of cases where the file format stays the name. We can put
this into the policy as a requirement.
> New drivers have the potential to cause new problems.
New drivers also have the potential of supporting user's new hardware.
Even if we change to faster release cycles, outdated drivers will
remain an issue given the fast pace of the hardware industry.
> A policy change like you started to discuss would make the whole
> issue of a stable Debian release since the release won't be stable
> anymore.
Most of the stable release would still be stable with some clearly
marked exceptions where it is in our user's interest to make updates.
Updating a package always has the chance of breaking something. Some
security updates have broken someone's machines. Is that a reason for
stopping to make security updates? No, of course not. There is
always a compromise between possibly breaking something and the gain
users will get. When a virus scanner is completely out of date, the
gain of putting in a new and updated version is surely bigger than the
possible breakage it may cause.
What we have to do is to draw a clear line where the benefits
outweigh the drawbacks and put this into a clearly defined policy
maintainers can follow.
--
Martin Michlmayr
tbm@cyrius.com
Reply to: