Hi,
I am sure this question has probably been done to death but I have
googled a can't seem to find any up-to-date information.
I am tracking testing and I am wondering how good the security is. As I
understand it, security in testing is reliant on contributor security
patches filtering down from unstable with the security team providing no
input. To speed things up though I believe patches are generally only
quarantined for a short period (a couple of days).
Is this correct? If so realistically how bad is the security impact on
testing? Is it bad enough that you would have to have a screw loose to
run a testing server? The problem I have is that a stable server is
horribly out of date and an unstable server seems like a risk (extra
maintenance time fixing busted apt-gets for possibly minimal extra
security).
Your views would be most appreciated
TIA
Graham