[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Dreamhost dumps Debian

Steve Langasek writes ("Re: Dreamhost dumps Debian"):
> To me, being redirected to stable-updates constitutes a refusal/denial by
> the security team to use the security updates channel.  Again, if it's a
> security issue that's not important enough to be an official security
> update, it's not important enough for me to spend time on it as a stable
> update either.  [...]

I'm afraid I don't see why you'd think that.

> Well, I don't think that's a very good policy.  I don't see why, if the bug
> is worth fixing in a stable release for security reasons, it should go
> through the stable-updates channel instead of the security channel.  [...]

As Peter Palfrader points out stable-updates allows more review,
because it doesn't suffer from the process problems caused by the need
for secrecy.  stable-updates are also made in less of a hurry.

Furthermore, from the pov of the user, stable-updates are less
disruptive.  They can choose to take a point release when it comes
out, or to defer it.  When they do take a point release that can be a
planned activity so that they're ready to deal with any regressions.


Reply to: