[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Extended Long Term Support for Wheezy

On Sun, 25 Feb 2018, Moritz Mühlenhoff wrote:
> The security tracker is fairly flexible and it should take little
> effort to setup a separate instance which is based on the main
> data/our triage efforts while acting on a local Packages file.
> Ideally document this process publicly, so that others can also run
> a local security tracker if they operate a local repository.

We can have another tracker, sure. But then we want to use the data of the
main tracker and we want to push our own data. We could fork the git
repository and merge regularly but it's going to generate lots of
conflicts and will be somewhat annoying to handle.

Are you suggesting that it should be possible to store our own data
in another git repository and that the tracker should be easily able to
merge the data coming from two distincts repositories ?

> > And indeed if we prepare the infrastructure for this by finding a way
> > to host the updates for wheezy for longer than expected, we pave the
> > way for CIP to take over security maintenance of our old releases.
> It's two entirely different things, though. CIP intends to create
> a pool of common packages used by embedded vendors, while the extended
> LTS proposal extends the lifetime of a regular Debian release (for
> the demands of a specific group of users).

Yes, but I believe that those common packages are plain Debian packages.
It's also not clear how many packages are going to be covered but the
initial list looks like very short.

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

Reply to: