Re: Packages temporarily disappearing from Testing/Lenny
On 2008-04-15 18:43 +0200, Andrew Sackville-West wrote:
> On Tue, Apr 15, 2008 at 08:45:47AM +0200, Sven Joachim wrote:
>> It is true that sid users should generally check out for grave bugs and
>> security issues of packages they want to install, but the same holds for
>> testing. After all, buggy packages will not be removed quickly and an
>> update will first be available in unstable before it migrates to
> is it not true that _security_ patches migrate to testing through a
> different route than the one to sid? I kind of picture it like this:
> testing security team "finds" security bug, writes patch and pushes it
> to testing and (Probably?) passing it back upstream as well. THen
> upstream incorporates the fix and it works its way into sid through
> upstream's regular release cycle?
In general, no. First, the testing security team also works as security
team for unstable: if the maintainer does not react in time and uploads
a fix himself, they usually upload directly to unstable as well.
Secondly, they only upload to testing-security if the fixed package for
unstable is not expected to migrate quickly. You can see¹ that Iceweasel
has still an unfixed version in testing, while both stable and unstable
have the latest upstream version. Apparently it did not build on mips
> I suppose I should shut-up and start reading more about debian
I'd recommend to start with http://testing-security.debian.net/, that
gives a good overview what this team is about.