[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Updating scanners and filters in Debian stable (3.1)

On Thu, Oct 07, 2004 at 01:54:11PM -0700, Thomas Bushnell BSG wrote:
> 
> This is an excellent argument for upgrading that part.  It is no
> argument for including new command line features, hookins to other
> parts of the system, or other arbitrary features that might be added.

It is an argument is the policy for the "call-it-volatile" states so, and that
is exactly what remains to be defined, since the consensous on the list points
to an agreement on the direction on having it.

> So I have no objection to a policy which incorporates new virus
> definitions and the like, but not just arbitrary possibly
> destabilizing code.

I support such a policy, as long as it does not modify the current stable
policy, and is created as an add-on for the user to choose if he/she wants it.

> It might well be that it's a lot of work to provide the package
> rightly (where "rightly" means that it only upgrades what must be
> upgraded to keep it useful, but not other stuff).  But that doesn't
> mean it's impossible, nor does it excuse doing it wrongly because it's
> too hard for the Debian package maintainer.

It might be that is a lot of work to create point releases and yet we do them
(kudos to the stable point RM).

And no, is not impossible but IT WILL NEVER get to stable, since it is against
the current stable policy.

Do you want to change that policy? Start moving strings and contacting the
involved parties to get such a change. Until the, no security backports will
get into Debian Stable with the current policy.

My (and other's) approach is by suggesting to create a policy and
infrastructure to support upgrading a package to obtain upgraded functionality
due to the real usability of a certain group of packages due to time factors.

> We can get him help, or we can say that Debian doesn't have anyone who
> wants to provide a stable package.  But "just provide an unstable
> package" is not a solution.  We don't need the Debian brand to do
> that.

Debian provides a stable and obsolete package, which might not be that stable
since nobody in its senses would use it. And the provide an updated package
does not mean it is unstable. And with the current idea, it does not mean we
are forcing users to use it. They decide.

[ AND FOR THE THIRD TIME, reply TO THE LIST, since I am subscribed. Let's see
if putting this in the bottom of the message makes you read it and understand
it. If not, use a proper MUA and configure it. My mutt does reply to the list,
and not to random fellow subscribers ]

-- 
Jesus Climent                                      info:www.pumuki.org
Unix SysAdm|Linux User #66350|Debian Developer|2.4.27|Helsinki Finland
GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429  7E18 66FC 1D7F 8694 6D69

I don't wanna hear old sad bastard music Barry, I just want something I can 
ignore.
		--Rob (High Fidelity)
Reply to: