On Sun, 2003-02-23 at 19:25, Simon Huggins wrote: > I don't see why people are worried about numbering for security patches > for testing. Why wouldn't they be done in the same way that security > patches are done at the moment? i.e 1.2.3-1.sarge.1 as the security fix > for 1.2.3-1 Simple problem: foo 1.2-1 is in stable foo 1.3-1 in testing foo 1.4-1 is in unstable Security problem. foo 1.2-1.woody.1 goes to stable foo 1.3-1.sarge.1 goes to testing unstable is not fixed because the security patch for 1.3 does not apply cleanly, and anyway, it is expected that upsteam fixes this soon. Now, foo 1.4-1 moves to testing with the security problem still unfixed. Damn. In other words: all security problems would have to be closely watched for unstable, too, and this is not really possible. Yes, in many cases it wouldn't happen because the fix goes to both stable and unstable, but the case above will happen, and testing users with security updates would feel a safety that they don't have. cheers -- vbi -- Available for key signing in Zürich and Basel, Switzerland (what's this? Look at http://fortytwo.ch/gpg/intro)
Attachment:
signature.asc
Description: This is a digitally signed message part