Re: Security updates without DSA?

To: debian-security@lists.debian.org, security@debian.org
Subject: Re: Security updates without DSA?
From: Matt Zimmerman <mdz@debian.org>
Date: Tue, 1 Oct 2002 11:01:42 -0400
Message-id: <[🔎] 20021001150142.GD32586@alcor.net>
Mail-followup-to: debian-security@lists.debian.org, security@debian.org
In-reply-to: <87k7l3rpz5.fsf@frodo.epkowa.co.jp>
References: <87hegd63eu.fsf_-_@frodo.epkowa.co.jp> <87adm0me81.fsf@frodo.epkowa.co.jp> <20020930205400.GI14444@alcor.net> <87k7l3rpz5.fsf@frodo.epkowa.co.jp>

On Tue, Oct 01, 2002 at 08:56:46AM +0900, Olaf Meeuwissen wrote:

> Matt Zimmerman <mdz@debian.org> writes:
> 
> > This is normal in general, as the stable distribution is updated from
> > time to time by point releases, which fix critical non-security bugs.
> > However, woody has not received such an update as yet.
> 
> I'd say critical non-security bug fixes should go to proposed-updates, but
> that's debatable.

There is no sense debating that, they _do_ go to proposed-updates, and then
they are periodically merged into point releases.

> Nevertheless, I'd expect a DSA for everything that ends
> up in
>
>   deb http://security.debian.org/ stable/updates main

This is not the case for uploads which were made to testing-security, since
they are now in stable-security as well as stable.

> [kdenetwork]
> I (as well as Peter Mathiasson in his) see 4:2.2.2-14 in my Packages file
> for woody.  security.d.o has 4:2.2.2-14.0woody1.  For the record, I
> apt-get update'd yesterday from ftp.jp.debian.org, a primary mirror.

You may be right about this one, I'm not sure what happened.

-- 
 - mdz

Reply to:

Next by Date: Probem with openssh and pam modules
Next by thread: Probem with openssh and pam modules
Index(es):
- Date
- Thread