Michael Meskes <meskes@debian.org> writes: [...] > Maybe you answered your question yourself. How about we tie our > security support to upstream's? Instead of fixing and backporting > ourselves we promise our users that this section of the archive will > get upstream's latest fixes even if that means the version number > changes. > > This way the users would get a lot of benefits from using Debian but no > drawback compared to the self-installed alternative. Hello, as a sysadmin and Ubuntu derivatives[1] at work, I remembered having the nice surprise of some incompatible changes in MySQL some time ago. Backporting the fix was not possible/too complex so new upstream patch level was integrated, modifying something around comments handling in .sql files IIRC. Finding the erratic problem, fixing it and distributing it was quite “intensive”. We monitor the -proposed repository but the change passed unseen by our jenkins. So please, before considering following upstream, consider what a sysadmin needs to do to upgrade/test/deploy the configuration. I'm dreaming the day every configuration file will be managed by Config::Model but even this is not bullet proof ;-) my 2¢. Footnotes: [1] around 25k servers deployed -- Daniel Dehennin Récupérer ma clef GPG: gpg --recv-keys 0xCC1E9E5B7A6FE2DF Fingerprint: 3E69 014E 5C23 50E8 9ED6 2AAD CC1E 9E5B 7A6F E2DF
Attachment:
signature.asc
Description: PGP signature