Re: do i need stable in my sources.list?

[Osamu Aoki <osamu@debian.org>]

On Tue, Jan 28, 2003 at 12:41:49AM -0500, Travis Crump wrote:
> Kent West wrote:
> >Colin Watson wrote:
> >>On Tue, Jan 28, 2003 at 01:43:32AM +0000, iain d broadfoot wrote:

> >>>testing/unstable, do i still need the stable entries?

> >>No. testing started out as a copy of stable. The exceptions are if you
> >>happen to want something that's been removed from testing since the last
> >>stable release; even then you probably didn't want it anyway, and if you
> >>do you can always get it by hand.

> >I was under the impression that you needed to keep your security sources 
> >pointing at stable, since that's the only place that emergency security 
> >patches get placed consistently. Am I incorrect?

Yah.

> Since most security updates for stable are going to be a version lower 
> than the version currently in testing(since everything is backported), 
> you are never going to get them anyway so having it there isn't going to 
> help.

Is this so?  Not all package get that frequent updates.  I do not see much reason not to do it since BW is small too.

If version number is the issue, we should be able to pin to "Label:
Debian-Security", I think.  (Never done it myself)

Say "Label: Debian-Security" has pin of 1100 then all security fix will
automatically downgrade the system.

Once you find new fixed program in unstable, then set that package's pin to
1200.  so you get fixed package in.


==== Release file in security updates ===
Origin: Debian
Label: Debian-Security
Suite: stable
Version: 3.0
Codename: woody
....

-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +++++
        Osamu Aoki <osamu@debian.org>   Cupertino CA USA, GPG-key: A8061F32
 .''`.  Debian Reference: post-installation user's guide for non-developers
 : :' : http://qref.sf.net and http://people.debian.org/~osamu
 `. `'  "Our Priorities are Our Users and Free Software" --- Social Contract