Re: Bug#372721: http://www.debian.org/security/faq#testing wrong
-----BEGIN PGP SIGNED MESSAGE-----
I would like your help with regards to #372721:
On 06/11/2006 07:09 AM, Simon Waters wrote:
> Package: www.debian.org
> Severity: important
> refers to http://secure-testing-master.debian.net/
> which no longer responds.
> Debian announcement
> Should be incorporated into the FAQ
> -- System Information:
> Debian Release: testing/unstable
> APT prefers unstable
> APT policy: (500, 'unstable')
> Architecture: i386 (i686)
> Shell: /bin/sh linked to /bin/bash
> Kernel: Linux 188.8.131.52
> Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)
The FAQ needs a couple of changes. I start rewriting it but I
have a couple of doubts:
How is security handled for testing and unstable?
A: The short answer is: it's not. Testing and unstable are rapidly moving
targets and the security team does not have the resources needed to
properly support those. If you want to have a secure (and stable) server
you are strongly encouraged to stay with stable. However, work is in
progress to change this, with the formation of a
testing security team which has begun work to offer security support
for testing, and to some extent, for unstable.
For testing it is not true anymore. But what about unstable?
How does testing get security updates?
A: Security updates will migrate into the testing
distribution via unstable. They are usually uploaded with
their priority set to high, which will reduce the quarantine time
to two days. After this period, the packages will migrate into
testing automatically, given that they are built for all
architectures and their dependencies are fulfilled in testing.
The testing security team also makes security fixes available in
their repository when the normal migration process is not fast enough.
This topic also changes. As I understood it, we should replace
with something like: "testing gets security updates in the same way that
stable does", is that correct?
Thanks in advance,
Felipe Augusto van de Wiel (faw)
"Debian. Freedom to code. Code to freedom!"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----