Re: Lenny vs. Etch + Backports

To: debian-user <debian-user@lists.debian.org>
Subject: Re: Lenny vs. Etch + Backports
From: Michael C <sieverfrisch@yahoo.ie>
Date: Thu, 27 Sep 2007 21:35:40 +0100
Message-id: <[🔎] 46FC141C.8070309@yahoo.ie>
In-reply-to: <[🔎] 46FBF40D.1000608@physik.blm.tu-muenchen.de>
References: <[🔎] 46FBB1FF.9020902@yahoo.ie> <[🔎] 46FBF40D.1000608@physik.blm.tu-muenchen.de>

Johannes Wiedersich wrote:

I am not sure if I understand correctly: What are your objections
against debian's way of security fixes?


Let's take the example of Seamonkey/Iceape. Officially EOL'd as of May,
the 1.0.x branch's security status is no longer being actively
investigated by upstream developers, but assuming that Lenny takes as
long to come to fruition as Etch, come Debian's next major release its
developers -- with fewer resources than upstream, I should imagine --
will have been searching out and patching vulnerabilities in an
abandoned codebase for more than 20 months.

I've no doubt that the resulting code's more stable than upstream's,
it's just that I'd rather place my trust in the upstream codebase (or
Debian patches based thereon).

Not a very original objection, but a reasonable-sounding pretext for
moving away from Stable ;)

Best wishes,

Michael

Reply to:

Follow-Ups:
- Re: Lenny vs. Etch + Backports
  - From: Johannes Wiedersich <johannes@physik.blm.tu-muenchen.de>

References:
- Lenny vs. Etch + Backports
  - From: Michael C <sieverfrisch@yahoo.ie>
- Re: Lenny vs. Etch + Backports
  - From: Johannes Wiedersich <johannes@physik.blm.tu-muenchen.de>

Prev by Date: Re: bash, xbindkeys and dual screen
Next by Date: Re: Tool for document management
Previous by thread: Re: Lenny vs. Etch + Backports
Next by thread: Re: Lenny vs. Etch + Backports
Index(es):
- Date
- Thread