Re: Etch Apt list (and testing/security/volatile)
There's also volatile
http://www.debian.org/devel/debian-volatile/
But the more I look at the documentation, the more confused I get,
particularly as far as testing goes.
The debian-volatile web page refers to sarge and etch.
If one follows testing, does volatile add anything? Maybe it gets
some packages sooner, or gets updates that don't flow through
sid->testing?
Is
deb http://volatile.debian.org/debian-volatile testing/volatile main
contrib non-free
a meaningful target?
On security, I thought support for testing was now official, e.g., see
this notice:
http://lists.alioth.debian.org/pipermail/secure-testing-announce/2006-May/000029.html
However, that notice gives the team's web site as
http://secure-testing-master.debian.net/, and that page still has the
old locations and generally sounds as if things are not done.
Furthermore, the main Debian security site, security.debian.org,
refers to FAQ, http://www.debian.org/security/faq, which asserts
---------------------------
Q: How is security handled for testing and unstable?
A: The short answer is: it's not. Testing and unstable are rapidly
moving targets and the security team does not have the resources
needed to properly support those. If you want to have a secure (and
stable) server you are strongly encouraged to stay with
stable. However, work is in progress to change this, with the
formation of a testing security team which has begun work to offer
security support for testing, and to some extent, for unstable.
----------------------------------
The release notes, Debian reference, man sources.list, and APT HOW To
also didn't have much I could find on these topics.
I think what's happened is that the documentation (including the web
pages) are lagging actual practice, but I'd love it if someone more
informed could clear this up.
Ross Boylan
Reply to: