Re: Bad press related to (missing) Debian security
On Mon, Jun 27, 2005 at 08:39:43PM +0200, Marek Olejniczak wrote:
> I don't understand the philosophy of Debian security team. It's really so
> difficult to push into sarge spamassassin 3.0.4 which is not vulnerable?
> This version is in Debian testing and why this version can't be push into
> stable?
In some cases fixing a problem, which an upstream will not, or
which the package maintainer cannot is *very* hard work. (eg. Mozilla/
Kernel images).
In this particular case pushing the package itself isn't a hard
job - the problem we're currently seeing isn't that the job is
hard, but that only a very small number of people have the
authority/ability to push the update out.
Steve
--
Reply to: