[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: about volatile.d.o/n

Henning Makholm [u] wrote on 11/10/2004 20:22:

Security fixes should be handled by security.d.o.

Perhaps yes, perhaps no. At least it should follow two rules:
1) If not handled by security.d.o, it should at least be handled
   in close cooperation with security.d.o
2) It has to have a seperate security archive so that a security
   fix for a package in v.d.o does not cause a package from the
   main stable release to be updated.
What I mean by the second rule is that if I have to put
deb http://volatile.debian.org stable main contrib
into sources.list, I would also need to put
deb http://security.debian.org volatile/stable main contrib
there to fetch the security fixes. I don't want the "normal" stable security deb line to cause security updates to v.d.o to be fetched.


Reply to: