Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
Bernd Eckenfels wrote:
> In article <[🔎] 20071229080401.GA4521@ftbfs.de> you wrote:
>> These releases are called 'point releases' and are prepared publicly.
>> Preperation mails to these point releases are periodicly sent to
>> debian-releases@lists.debian.org[1]. Also prior releases had
>> 'Miscellaneous Bugfixes', see eg. [2]. The list of 'Miscellaneous
>> Bugfixes' just got a bit bigger, as the last point releases was for
>> various reasons not 2 but 6 month ago.
>
> Hmmm, I think pushing point releases via the package pool and preparing a
> new release directory would limit the confusion. I dont see a need to make
> those packages available on security.d.o.
>
> I think in the past we did exactly that with proposed-updates.
There is no difference now, they are not available via
security.debian.org. apt-cache policy <pkg> will tell you were they come
from if you are in doubt.
Cheers
Luk
Reply to: