Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities

To: Bernd Eckenfels <ecki@lina.inka.de>
Cc: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
From: Luk Claes <luk@debian.org>
Date: Sat, 29 Dec 2007 11:03:34 +0100
Message-id: <[🔎] 47761B76.2030003@debian.org>
In-reply-to: <[🔎] E1J8Xlq-0001YJ-00@calista.eckenfels.net>
References: <[🔎] E1J8Xlq-0001YJ-00@calista.eckenfels.net>

Bernd Eckenfels wrote:
> In article <[🔎] 20071229080401.GA4521@ftbfs.de> you wrote:
>> These releases are called 'point releases' and are prepared publicly.
>> Preperation mails to these point releases are periodicly sent to
>> debian-releases@lists.debian.org[1]. Also prior releases had
>> 'Miscellaneous Bugfixes', see eg. [2]. The list of 'Miscellaneous
>> Bugfixes' just got a bit bigger, as the last point releases was for
>> various reasons not 2 but 6 month ago. 
> 
> Hmmm, I think pushing point releases via the package pool and preparing a
> new release directory would limit the confusion. I dont see a need to make
> those packages available on security.d.o.
> 
> I think in the past we did exactly that with proposed-updates.

There is no difference now, they are not available via
security.debian.org. apt-cache policy <pkg> will tell you were they come
from if you are in doubt.

Cheers

Luk

Reply to:

References:
- Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
  - From: Bernd Eckenfels <ecki@lina.inka.de>

Prev by Date: Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
Next by Date: Re: (CVE-2007-0855) Preparation of the next stable Debian GNU/Linux update
Previous by thread: Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
Next by thread: Amir Mechouk är inte på kontoret.
Index(es):
- Date
- Thread