Re: [SECURITY] [DSA 3053-1] openssl security update
On Wed, October 22, 2014 17:17, Jason Fergus wrote:
>> > Now that the jessie release is well underway, is it possible either to
>> > request unblocks for security uploads or to begin to support a
>> > jessie/testing suite in security.debian.org?
>> Technically nothing is blocked yet (except udebs), but yes of course
>> security fixes are a reasonable justification for an unblock request,
>> when that time does come.
>> A Jessie security archive is up to the security team and FTP masters.
> I always thought that both Stable and Testing were supported by the
> security team.
> deb http://security.debian.org/ jessie/updates main contrib non-free
> deb-src http://security.debian.org/ jessie/updates main contrib
> Not sure what is in there, but they are active.
What distributions are supported is answered in the Security team FAQ, but
in short, testing is cared for but the separate security archive is not
currently in active use. It has quite some overhead while it turns out
it's usually perfectly acceptable or even better to let fixes migrate from
unstable quickly instead of preparing uploads separately. As was the case
with openssl, whose transition into jessie has been expedited because of
the security fixes.