Re: updated debian development diagram -- comments?
Ron Johnson wrote:
On Sun, 2005-01-09 at 15:04 +0100, Olaf Conradi wrote:
On Sun, 9 Jan 2005 11:13:41 -0200, Henrique de Moraes Holschuh
Most of the development work that is done in Debian, is uploaded to
this distribution. This distribution will never get released; instead,
packages from it will propagate into testing and then into a real
release. Security updates for "unstable" distribution are not managed
by the security team.
That is misleading. Yes, the Security Team doesn't manage Sid,
but the maintainers themselves either patch or push thru new versions
There's nothing misleading about it.
It merely states the the Security Team doesn't manage the security
updates for -unstable. If there are major security holes in the Sid,
there isn't anything which would require a short track security update.
If I were a developer managing a package which was found to have a
security problem in all version, it stands to reason that Sid would be
the lowest priority of the three.
And as such there's no hard requirements that I do anything on a
security fix basis to Sid. For example, given a choice between a
current version patch or a new version that's fixed, you would expect
Stable and Testing to have the patches and Sid to have whatever I feel
like putting into it. Probably the new version, but that might take a
considerable amount of time to develope.