Re: policy change is needed to keep debian secure
On Sat, 20 Aug 2005, Daniel Sterling wrote:
> The latest upgrades to sarge's firefox have addressed (successfully?) several
> security vulnerabilities. I submit that the work done to create these new
> packages has been wasted effort, for at least two reasons.
that is just one package out of 30,000+ packages
> 1. Creating these packages duplicates work already done upstream.
using latest the latest apps from the originating authors is good,
and that is what i do ..
but you do have to spend the time to track it and test it before
*you* deploy it
using the lastest apps can also bite your butt for being on the
bleeding edge ... or as you say, using old stable can equally
bite you too
important packages that someone/soem groups felt they need to
upgrade might also release those upgraded packages in *.deb form
----
debian's policy seems okay for now ..
---- changing one's direction ( policy ) in the middle is equally bad ..
--- i'd like to see various providers of apps ( *.deb ) and upgrades
be listed on a single page http://updates.debian.org/Updates instead
of hunting for it in yahoo/google
c ya
alvin
Reply to: