Re: dealing with testing and security

To: debian-user@lists.debian.org
Subject: Re: dealing with testing and security
From: HdV@DTO.TUDelft.NL
Date: Sun, 21 Sep 2003 18:24:15 +0200 (MEST)
Message-id: <[🔎] Pine.GSO.4.58.0309211800180.4072@sanders.rc.tudelft.nl>
In-reply-to: <[🔎] F34BBE15-EAD1-11D7-AD55-000A959CF11A@balius.com>
References: <[🔎] F34BBE15-EAD1-11D7-AD55-000A959CF11A@balius.com>

On Fri, 19 Sep 2003, Chad M Stewart wrote:

>
> I'm tired of the stale nature of stable.  Last weekend I upgraded to
> testing.  I'm wondering what is the recommended method of dealing with
> security updates for testing?
>
> Should I downgrade and only upgrade the few packages that I want newer
> versions of, like mailman, spamassassin, and bind.

Like someone else already told you, you might choose to go back to woody
and use the backports a lot of people graciously make available.

Another possibility is to build them yourself. To illustrate one such
recent update I'll show you what you need to do to get the latest ssh on
your testing box.

1) Add these to your /etc/apt/sources.list:

deb-src http://http.us.debian.org/debian unstable main contrib non-free
deb-src http://non-us.debian.org/debian-non-US unstable/non-US main
contrib non-free

2) Update your current list of packages:

apt-get update

3) Get the source:

apt-get source ssh

4) Enter the directory where your new source is unpacked:

cd ./openssh-3.6.1p2

5) Review the README and changelog:

less ./debian/README.Debian
less ./debian/changelog

6) Verify all the dependencies are statisfied:

apt-get build-deb ssh

Decide if you want to continue, after reading the output [1]

7) Build a .deb file from the source:

dpkg-buildpackage -rfakeroot -uc -b [2]

8) Go up one directory to where the resulting deb is placed:

cd ..

9) Install your freshly made package:

dpkg -i ssh_3.6.1p2-9_i386.deb

10) See for yourself what dpkg has to show:

dpkg -l ssh
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:
uppercase=bad)
||/ Name           Version        Description
+++-==============-==============-============================================
ii  ssh            3.6.1p2-9      Secure rlogin/rsh/rcp replacement
(OpenSSH)

11) Get a beer and drink on the health of the maintainers making all
this possible in the knowledge you're safe from another bug

[1] In this case a lot of kde-packages will be listed as candidates for
removal (at least that's what happened here), you need to decide for
yourself where your priorities are.

[2] You might need to install fakeroot to make this work.

HTH

Grx HdV

Reply to:

References:
- dealing with testing and security
  - From: Chad M Stewart <cms@balius.com>

Prev by Date: Re: MS mail bombs
Next by Date: Re: Id "S" respawning too fast: disabled for 5 minutes
Previous by thread: Re: dealing with testing and security
Next by thread: Re: Upgrade from potato to debian
Index(es):
- Date
- Thread