[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: WTF: Debian security, ex. Linux kernel vulnerabilities

Andreas Barth <aba@not.so.argh.org> writes:

> * Bob Tanner (tanner@real-time.com) [050920 16:39]:
>> Same here.  Reach out to the community and let us help.
> Well, the basic problem with mirrors is:
> * How can we be sure that all mirrors are synced _very_ fast? We will
>   probably get more negative feedback if some mirrors are delayed by
>   more than 10 minutes (and some of our normal mirrors are _way_ worse).

Send the announcement more than 10 minutes after the mirror pulse.

> * How do we make sure that potential issues can be fixed "fast enough"?

Put the mirror and security.d.o into the sources.list. That way
apt-get fixes the usual issues itself by falling back to the root if

This also solves the unmentioned "How can I be sure the mirror is
current" issue.

> Of course, none of these questions is unsolveable, and there are
> currently discussions underway how we can do it sensible, but it's not
> as trivial as one might hope in the beginning of that discussion.
> Still, thank you very much for your offer (and I really hope that we can
> make use of the mirroring offters one day).
> Cheers,
> Andi


Reply to: