[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security Updates Sources

"Tuyen DINH" <tuyen.dinh@risc.fr> writes:

> olaf@epkowa.co.jp (Olaf Meeuwissen) wrote:
> > 
> > Just put
> > 
> >   deb http://security.debian.org stable/updates main
> > 
> > et cetera in your /etc/apt/sources.list and you'll get the woody
> > security updates as soon as it has become stable
> 
> What about this line : deb http://security.debian.org/woody/updates main ?
> 
> It seems there's already a woody directory :
> ftp://security.debian.org/debian-security/dists/woody/updates/main/binary-i386/

You'll be getting packages for which no DSA has been sent out.  It is
up to you whether you would want to "blindly" install these.  Speaking
for myself, I pull down security updates, manually check the MD5sum
with those in the DSA (just matching the MD5sum in the Packages is not
good enough for me) and only then install them.  One of these days, I
should also start checking the GPG signatures on DSAs for real.

Right now, for binary-i386 you'll be getting packages for new upstream
releases.  Packages concerned: qpopper, qpopper-drac and squirrelmail.
It looks pretty much the same for the other architectures I looked at.

HTH,
-- 
Olaf Meeuwissen                            Epson Kowa Corporation, CID
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97  976A 16C7 F27D 6BE3 7D90
LPIC-2               -- I hack, therefore I am --                 BOFH


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: