Re: about volatile.d.o/n
Henning Makholm [u] wrote on 11/10/2004 20:22:
Security fixes should be handled by security.d.o.
Perhaps yes, perhaps no. At least it should follow two rules:
1) If not handled by security.d.o, it should at least be handled
in close cooperation with security.d.o
2) It has to have a seperate security archive so that a security
fix for a package in v.d.o does not cause a package from the
main stable release to be updated.
What I mean by the second rule is that if I have to put
deb http://volatile.debian.org stable main contrib
into sources.list, I would also need to put
deb http://security.debian.org volatile/stable main contrib
there to fetch the security fixes. I don't want the "normal" stable
security deb line to cause security updates to v.d.o to be fetched.