Re: Secure APT (was: Re: New Maintainers)
On Tue, Sep 23, 2003 at 12:17:29AM +0100, Colin Watson wrote:
> On Mon, Sep 22, 2003 at 03:53:39PM -0400, Matt Zimmerman wrote:
> > On Mon, Sep 22, 2003 at 09:07:42PM +0200, Florian Weimer wrote:
> > > On Mon, Sep 22, 2003 at 10:07:03AM -0400, Matt Zimmerman wrote:
> > > > A great deal of work has been done in this area. See
> > > > http://bugs.debian.org/203741 for information. It would be great
> > > > if you would like to help with this.
> > >
> > > Has the patch been integrated into CVS? I think so (but the bug
> > > report doesn't say so explicitly).
> >
> > No, it hasn't, because I'm trying to get a new apt into testing, and
> > introducing a lot of new code like this usually doesn't help. I was
> > hoping to have a new apt safely in testing by now, and to be able to
> > put this into unstable and start getting testing for it, but since
> > glibc and gcc-3.3 held up apt's progress into testing for so long,
> > this has been problematic.
>
> If the code is otherwise ready, you could drop it into experimental.
> This is probably the best approach if you think it could be ready for
> sarge.
I really don't think it could be ready for sarge. I am moving cross-country
starting next week, and so will not be around to handle problems that arise,
even if a sufficient number of people try the package from experimental.
It'd be nice if someone else wanted to step up to help with that; as I
recall, you said you wouldn't be able to do much in the near future.
I've recorded my ideas about the current status of things in the BTS
(#203741). I've added a default keyring to the mix, so the upgrade path is
smooth. It needs a couple of small things, but I think it's ready for much
broader testing. I've been keeping it in sync with the other changes I've
made to apt recently.
--
- mdz
Reply to: