On Fri, 2007-04-20 at 19:43 +1000, Craig Sanders wrote: > 1. why is this allegedly a 'benefit'? what's so special about > libraries? > why is a new libc6 or libssl etc more scary than a new apache or php > etc? When using a backports package, the breakage is confined to that package. When pulling in newer libs aswell, it might be that some totally unrelated part of the system, e.g. another service on that host, breaks because of a change of behaviour in that library that is not triggered by the application for which I upgraded it. It's a matter of reducing risk: if code works, do not change it unless necessary. If I can upgrade one application and keep other existing code in place, I prefer that of changing it just for the heck of it. An example: I run a stable system with apache and php from stable. I want to run some web application only in testing, which requires a newer PHP version. The version of the webapp in backports is modified to work with stable PHP, so that I can keep my working apache+php installation and still use the newer web application. Getting the version from testing directly requires also upgrading PHP, potentially breaking other web scripts that users of my system have installed. Thijs
Attachment:
signature.asc
Description: This is a digitally signed message part