On Mon, Jul 11, 2005 at 01:28:25PM -0400, Roberto C. Sanchez wrote:
> Quoting Tony Terlecki <ajt@mrps.demon.co.uk>:
>
> >I'm subscribed to debian-security-announce and security announcements
> >always mention patched packages for Stable and Unstable but they never
> >mention Testing. Where does that leave me then as far as security updates
> >are concerned if I'm maintaining machines from Testing?
> >
> If you are maintaining machines that run testing in a production
> environment,
> then you should be maintaining machines that run stable instead. I forget
> where, but the Debian website explains that testing never gets security
> updates, until it is very close to release (usually the later parts of the
> freeze). The only way security fixes get into testing is when the package
> trickles down from unstable. The maintainers usually upload security fixes
> to
> unstalbe with high priority so that they move to testing after 2 days
> (instead
> of the normal 10).
Hi Roberto,
you are correct,sir! (in the voice of ed mcmannon)
stable is the only 'stream' that get security updates. and unstable is
where any new change go(bugfix,security fix,etc). Stable would get
'backport' of security fix. the testing envirnoment is suppose to be
used by debian developers to test the next 'stable' but during the last
release cycle people used it 'like-stable' because of the delay.
check out http://debian.home.pipeline.com/newdebian2.png for a BIG
picture of debian developement.
Cheers,
Kev
--
counter.li.org #238656 -- goto counter.li.org and be counted!
`$' $'
$ $ _
,d$$$g$ ,d$$$b. $,d$$$b`$' g$$$$$b $,d$$b
,$P' `$ ,$P' `Y$ $$' `$ $ "' `$ $$' `$
$$ $ $$ggggg$ $ $ $ ,$P"" $ $ $
`$g. ,$$ `$$._ _. $ _,g$P $ `$b. ,$$ $ $
`Y$$P'$. `Y$$$$P $$$P"' ,$. `Y$$P'$ $. ,$.
Attachment:
signature.asc
Description: Digital signature