[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: testing distribution security updates?

Chris Ruvolo wrote:
> If a package is in the testing distribution and a security update is issued
> that effects stable, testing and unstable, how long before the testing
> package is updated?  Does it have to go through the full process of
> maturation to make it to testing from unstable?

Packages can be expidited into testing if the maintainer uploads them
with a high urgency field set. I suppose that dependancies could still
keep them out though.

> How about if the package in stable is not effected (i.e. only testing and
> unstable are vulnerable)?  Would there be any notification on the
> security-announce list?

Often not.

> Would the updated packed be backported or otherwise
> pushed into testing?  How soon?

Good question. I suppose that if dependancies keep them out of testing,
this could be a problem.

> Would you recommend keeping a line in /etc/apt/sources.list for the security
> server's stable collection if the box is running on testing or unstable
> packages?

Yes, it's a good idea because you may pick up updates from there before
they hit unstable/testing.

-- 
see shy jo
Reply to: