On Tue, 2003-01-07 at 19:16, Noah L. Meyerhans wrote: > On Tue, Jan 07, 2003 at 05:08:23PM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: > > So the version from testing should do. You may want to download the > > source package and compile it yourself to avoid having to upgrade > > dependencies (I don't know, just speculating). > > Why tell him that? What the hell is wrong with the version of openssl > from security.debian.org? There are no known security vulnerabilities > there. > > Advising somebody to install packages from *testing* to get security > updates is very unwise. Doing so would prevent them from getting a new > version of the package in the event that it's updated by the security > team again. Some might feel more comfortable with installing a package from testing than with modifying version checks in a configure script. But I agree that I probably should have said that testing, of course, does not have security support as do the stable versions. cheers -- vbi -- featured product: SpamAssassin - http://spamassassin.org
Attachment:
signature.asc
Description: This is a digitally signed message part