[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bad press related to (missing) Debian security

On Monday 27 June 2005 20:39, Marek Olejniczak wrote:
> I don't understand the philosophy of Debian security team. It's really
> so difficult to push into sarge spamassassin 3.0.4 which is not
> vulnerable? This version is in Debian testing and why this version
> can't be push into stable?

Seems that you don't understand the philosophy of the 'stable' release 
either. The basic rule for stable is: "no new upstream versions allowed".
This means security updates for spamassassin need to be backported to 
3.0.3 (excluding any functional changes).

Even if 3.0.4 contains only the security fix, it will still be backported 
and released as 3.0.3-1sarge1 or something like that.

Attachment: pgp2s7khvV2AE.pgp
Description: PGP signature

Reply to: