On Wed, May 14, 2008 at 11:53:30AM +0200, Holger Levsen wrote: >Hi, > >correct me if I'm wrong, but shouldnt we create new (full) CDs and DVDs now, >so that users who install now dont install with the broken openssl (dsa >1571-1), thus creating weak host keys and possible user keys. > >Or are the packages on the cd/dvd ignored / not installed at first, if there >is a security update available? But then, one can choose to install without >network/without security updates... We're due a new etch point-release and lenny beta shortly anyway, and AFAIK the installer will always pick up on security updates and use them so long as there is a network connection available at install time. I'm not convinced that rushing out a new set of CDs/DVDs is needed, but I'm open to further discussion. -- Steve McIntyre, Cambridge, UK. steve@einval.com "I can't ever sleep on planes ... call it irrational if you like, but I'm afraid I'll miss my stop" -- Vivek Dasmohapatra
Attachment:
signature.asc
Description: Digital signature