Re: Patched sendmail? testing?
On Tue, Mar 04, 2003 at 11:32:34AM -0500, stan wrote:
> On Tue, Mar 04, 2003 at 06:15:02AM -0800, Marc Wilson wrote:
> > On Tue, Mar 04, 2003 at 08:37:02AM -0500, stan wrote:
> > > I did apt-get update and apt-get dist-upgrade on some of my
> > > machines running testing, and I was surprised to not [pull patched
> > > sendmail binaries, based upon the announcement of a vulnerability
> > > in it yesterday.
> >
> > Testing doesn't have security updates, and has never been advertised as
> > having security updates. Are you volunteering?
> >
> > <sigh> Someone else running testing in a production environment.
>
> And my choices are?
>
> As I see them.
>
> 1. Run unstable, and have a broken system more often than not.
> 2. Run stable and have 1970's versions of software/
That's a hopeless exaggeration; I run stable happily on my home server.
Anyway, if you run testing you need to manage the security yourself by
backporting patches. I don't believe anyone will ever have told you
otherwise.
(It's not an ideal situation, true. However, it's reality.)
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: