On Thu, Feb 22, 2001 at 06:03:53PM -0700, Ray Percival wrote: > To solve this issue with Woody I just leave the line for the > stable security updates in my sources file. I get the security > updates before they are in Woody. Is there any reason this would > not be a good idea? Yeah. It doesn't work. What if stable has version 1.0 of a package, woody and sid have 2.0. A security hole is found in 2.0 and fixed in 2.1. It gets backported to 1.0, but you're running 2.0 on testing so apt-get won't install 1.0-fixed. You need to either wait until 2.1 makes it to testing or fetch it from unstable. This issue was basically overlooked in the creation of a testing tree, and has come up many many times. I think there needs to be a policy update about it, but I haven't seen any talk of it on the policy list, nor do I know of a quick solution that doesn't risk breaking testing with possible incompatibilities. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgpZz3dgL8U1J.pgp
Description: PGP signature