Re: Testing/Security (was: Re: 3.1 kl - 3.1 final)
-----BEGIN PGP SIGNED MESSAGE-----
Am Mittwoch, 5. Februar 2003 12:12 schrieb Paul Cupis:
> If you want to run testing and get security updates, then either help
> ensure the that glibc gets into testing in good time (et cetera) so that
> security uploads into sid move into testing with only a 2 day delay, or
> keep an eye on the security problems and temporarily pull the fixed
> packages from sid until they move into testing themselves.
That's what I do currently. Security-Announcement lack one thing, though: the
use the name for the source package, not the one for the binary package. E.g.
the latest dhcp3 issue was only with dhcp3-relay, not all dhcp3 packages.
But e.g. the newer cups packages was a little bit more work, because pulling
that one also involved gs-esp, puh.
BTW: what would be the "amount of additional work"? Mostly, the fixed packages
compile in testing without a hick and thus the packages would only have to be
compiled. I always thought that this was kind of automated...
BTW: what is all this fuzz about libc6-2.3? Are there any package that
actually _requires_ this newer lib? No? Then why holding back?
gcc-transition? But what about the non-C++ packages? Strange...
Mein GPG-Key ist auf meiner Homepage verfügbar: http://www.hendrik-sattler.de
oder über pgp.net
PingoS - Linux-User helfen Schulen: http://www.pingos.schulnetz.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
-----END PGP SIGNATURE-----