Am 2007-03-20 17:57:14, schrieb Andrew Sackville-West:
> it appears to me that there are two paths into testing for security
> fixes: sid or testing security. Is it possible for a security fix to
> bypass sid and make it into testing? Obviously there would be some
> upstream method for dealing with this... I dug through some of those
> vulnerabilities and couldn't find any that were fixed in etch but not
> sid, but it seems like it could happen. please educate me
Yes, IF you have for different versions of a program. e.g.
Version 0.5.0 in oldstable (one year supported after stable release)
Version 1.0.0 in stable
Version 2.0.0 in testing
Version 3.0.0 in unstable
where Unstable is mostly fixed by UPSTREAM and Testing maybe by
UPSTREAM but mainly by the package maintainer.
And Stable is checked by the Debian QA team whether the patches
from UPSTREAM or from the Package Maintaines can be applyed.
Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSN LinuxMichi
0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Attachment:
signature.pgp
Description: Digital signature