Re: Security risks due to packages that are no longer part of Debian?
* Christian Hammers:
> If a User upgrades his woody system to sarge and one package that has
> been part of woody is now no longer part of Debian nor being superseded by
> another package, will apt-get warn the user that this package is a potential
> security risk as Debian does not monitor nor provide fixes for reported
> security issues in this package?
No, of course not.
> For such a cases it would even be a reasonable advice to have both,
> woody/updates and sarge/updates, in the sources.list, or?
I doubt that this will work in general.
A tool which lists all packages which are no longer downloadable from
any APT source would be more helpful, I think. Does it already exist?