On Tue, May 12, 1998 at 01:58:16AM -0500, Zachary DeAquila wrote: > > What is policy on software updates to the 'stable' tree? Software there > is somewhat 'stale' and has unacceptable security risks such as Smail > lacking the anti-relay features, bind still being v4.9.6, etc. Should I > just not run 'stable' ? (This might mean I shouldn't run Debian at all, > I understand) Uploads into stable are still possible, though these may only be security fixes or fixes for critical bugs. These uploads go into bo-updates and will be moved into bo later. Normal uploads have to go into unstable. If you need/provide bo versions of software please refer to bo-unstable. Inside of that directory you'll find a README describing how to do versioning. Anti-Relay is not a security problem, though there was a security problem with Smail from bo. That's why it got updated. Concerning bind the fixed version has already been uploaded into bo-updates some time ago and was moved into bo yesterday. Concerning security problems please refer to http://www.debian.org/security/ and debian-security-announce@lists.debian.org The security team publishes updates there. Regards, Joey, who is happy that Debian GNU/Linux 1.3.1r7 materialized yesteday. -- / Martin Schulze http://home.pages.de/~joey/ / Linux - the choice of a GNU generation joey@linux.de /
Attachment:
pgp0Hivs_HJTl.pgp
Description: PGP signature