Re: etch's upgrades during life cycle
Luis Matos wrote:
> backports use testing as base for the packages.
> setting up security for backports is a bit easier than for testing. Lot
> less packages.
> My point is, for example, when the security team lauches a DSA, it
> always sees if both unstable and testing are afected. They already
> monitor testing and unstable too ... it's just a question of applying
> patches. (maybe a apt-patch package. in which he rebuilds the package
> with the selected patch).
> The same would do for backports, security team would patch the package
> and send it to the buildd.
> I know ... it's more and more work for the security team ...
thinking aloud: hypothetically assumed that (parts of) backports.org
would get official, i could do security support for it as i do it atm
for about half of the packages on backports.org anyway.
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist