[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: new CD and DVD images needed?!

On Wed, May 14, 2008 at 11:53:30AM +0200, Holger Levsen wrote:
>correct me if I'm wrong, but shouldnt we create new (full) CDs and DVDs now, 
>so that users who install now dont install with the broken openssl (dsa 
>1571-1), thus creating weak host keys and possible user keys.
>Or are the packages on the cd/dvd ignored / not installed at first, if there 
>is a security update available? But then, one can choose to install without 
>network/without security updates...

We're due a new etch point-release and lenny beta shortly anyway, and
AFAIK the installer will always pick up on security updates and use
them so long as there is a network connection available at install
time. I'm not convinced that rushing out a new set of CDs/DVDs is
needed, but I'm open to further discussion.

Steve McIntyre, Cambridge, UK.                                steve@einval.com
"I can't ever sleep on planes ... call it irrational if you like, but I'm
 afraid I'll miss my stop" -- Vivek Dasmohapatra

Attachment: signature.asc
Description: Digital signature

Reply to: