Re: Woody or Sarge

[Paul Johnson <baloo@ursine.dyndns.org>]

<#secure method=pgp mode=sign>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Adi Linden <adil@adis.on.ca> writes:

>> If you're satisfied with the existing feature set, are new features
>> really anywhere near as important as security fixes?  Particularly
>> when it comes to production servers?
>
> New features aren't important at all. It is all about maintaining the 
> current state of a server while keeping it secure on a hostile network. 
> And with the least amount of effort, where security updates do not break 
> anything...

OK, then don't worry about the release cycle.  What you get on
security.debian.org should get what you need done until the next
release.

>> Not long after the next Stable happens, because it's not hard to
>> upgrade in Debian.  18 months seems about average, IIRC.
>
> This means that for longest possible support I should be looking at 
> deploying Sarge, not Woody. How timely are security issues addressed in a 
> Sarge?

Given that you're the one supporting it, which are you willing to
support?  Right now, your safest bet is still woody, though sarge has
regular, near-daily updates (which can get annoying), as it is still,
essentially, in beta.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBYis4UzgNqloQMwcRAou+AJ0ai2CMEQwwBontVDZexzmgtfahFQCfVqgf
bg/yxD3KfLGIupRxNaUXndA=
=IAxf
-----END PGP SIGNATURE-----