On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDRÉ remarked: > Raymond Wood écrivait : > > Respectfully, does anyone know when Sid will receive patches > > for the previous Apache vulnerabilities that were fixed for > > Potato and Woody, but not Sid? It's been days... Raymond > Because Sid's aim is to allow you to test bugs... and enjoy > viruses! <g> ;-) That was not my question - read again if you must. > Sid is work-in-progress and should not be installed on any > server; so it is not aware of security issues. Sometimes the > security team graciously fix some *important* security bugs to > allow us to continue testing on our computer without to much > troubles... But don't expect it for each one! I am fully aware of the Security team's 'official policy' regarding Sid and security updates. I also think I, and probably others, are getting weary of these same old tired responses that quote policy, but do very little to help. The relevant DSA in question itself stated something to the effect 'a fix for Sid will appear soon'. At this point I am wondering how soon or how late: I mean are we talking about days or weeks at this point? It makes no sense to leave Sid vulnerable for any longer than necessary, for the fact is there *are* desktop user's who do use Sid, because it is cutting edge. Are these people just to wait like sitting ducks until their systems are compromised? This would make no sense to me. So my question stands. Cheers, Raymond
Attachment:
pgpaJsodEeqr9.pgp
Description: PGP signature