[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Misunderstanding about normal (stable) and security channels

On Mon, 28 Jul 2008 11:20:56 pm Frédéric PICA wrote:
> Ok, so this is the explanation.
> I can understand this reason but in this case, I think that the
> security FAQ http://www.debian.org/security/faq.en.html#policy needs
> an update because it's clearly said that :
> "Security breakage in the stable distribution warrants a package on
> security.debian.org" [...] "The size of a breakage is not the real
> problem here"
> I understood that every security concerns, even minors one, have to go
> in the security channel.
> In the tool I'm developping, I rely on the package channel to know if
> a package was installed because of a security concern or not (never
> mind if this is a minor one or not)
> and now I can't be sure of the update type.
> Is there a more or less simple way to know a package type (security,
> bugfix, ...) ?
If a CVE number is mentioned in the changelog, then it has normally something 
to do with security ;)


Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: