Re: Dreamhost dumps Debian
Steve Langasek writes ("Re: Dreamhost dumps Debian"):
> To me, being redirected to stable-updates constitutes a refusal/denial by
> the security team to use the security updates channel. Again, if it's a
> security issue that's not important enough to be an official security
> update, it's not important enough for me to spend time on it as a stable
> update either. [...]
I'm afraid I don't see why you'd think that.
> Well, I don't think that's a very good policy. I don't see why, if the bug
> is worth fixing in a stable release for security reasons, it should go
> through the stable-updates channel instead of the security channel. [...]
As Peter Palfrader points out stable-updates allows more review,
because it doesn't suffer from the process problems caused by the need
for secrecy. stable-updates are also made in less of a hurry.
Furthermore, from the pov of the user, stable-updates are less
disruptive. They can choose to take a point release when it comes
out, or to defer it. When they do take a point release that can be a
planned activity so that they're ready to deal with any regressions.