Re: Sid and security

To: debian-user@lists.debian.org
Subject: Re: Sid and security
From: Stefan O'Rear <stefanor@cox.net>
Date: Sat, 21 Aug 2004 10:50:07 -0700
Message-id: <[🔎] 20040821175007.GA2366@cox.net>
In-reply-to: <[🔎] 878yc8fll2.fsf@toncho.dhh.gt.org>
References: <[🔎] 200408211025.17913.michael@weblore.com> <[🔎] 1093102361.6979.28.camel@linda> <[🔎] 20040821154244.GA1787@cox.net> <[🔎] 878yc8fll2.fsf@toncho.dhh.gt.org>

On Sat, Aug 21, 2004 at 12:27:21PM -0500, John Hasler wrote:
> Someone finds hole and notifies maintainer and/or security team.
> Security is notified if they don't know already.
> Maintainer is notified if he doesn't know already.
> Security team and/or maintainer fixes hole.
> Security team NMU's stable-proposed-updates.
> Maintainer uploads fixed version to Unstable, perhaps before security team
> fixes Stable.
> 
> Often the fix for Unstable is to upload the new, fixed upstream version.
> Sometimes the newer version that is already in Unstable doesn't have the
> hole.  The fix must be backported for Stable and so Stable can take longer
> to fix then Unstable.
> 
> Testing doesn't get fixed until the fixed version propagates to it from
> Unstable.

Thank you, it makes sense now.

Reply to:

References:
- Sid and security
  - From: Michael Satterwhite <michael@weblore.com>
- Re: Sid and security
  - From: Oliver Elphick <olly@lfix.co.uk>
- Re: Sid and security
  - From: Stefan O'Rear <stefanor@cox.net>
- Re: Sid and security
  - From: John Hasler <john@dhh.gt.org>

Prev by Date: Re: how to connect two PC's with a cross-over ethernet cable?
Next by Date: Re: perl module --> debian package name
Previous by thread: Re: Sid and security
Next by thread: [OT] GNU/Linux livecd for oldworld macs
Index(es):
- Date
- Thread