[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Patched sendmail? testing?

On Tue, Mar 04, 2003 at 11:32:34AM -0500, stan wrote:
> On Tue, Mar 04, 2003 at 06:15:02AM -0800, Marc Wilson wrote:
> > On Tue, Mar 04, 2003 at 08:37:02AM -0500, stan wrote:
> > > I did apt-get update and apt-get dist-upgrade on some of my
> > > machines running testing, and I was surprised to not [pull patched
> > > sendmail binaries, based upon the announcement of a vulnerability
> > > in it yesterday.
> > 
> > Testing doesn't have security updates, and has never been advertised as
> > having security updates.  Are you volunteering?
> > 
> > <sigh> Someone else running testing in a production environment.
> 
> And my choices are?
> 
> As I see them.
> 
> 1. Run unstable, and have a broken system more often than not.
> 2. Run stable and have 1970's versions of software/

That's a hopeless exaggeration; I run stable happily on my home server.
Anyway, if you run testing you need to manage the security yourself by
backporting patches. I don't believe anyone will ever have told you
otherwise.

(It's not an ideal situation, true. However, it's reality.)

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
Reply to: