Sam Kuper wrote:
The idea with backporting is you only backport the particular patch necessary to close the security hole or fix the bug, not any other patches/code changes that have occured since your release version. So yes the idea is to make the minimum change necessary to fix the bug, and it shouldn't change the functionality of the program.Okay, so if I understand you correctly, a backport is a kind of refactoring: the overt functionality doesn't change, but the underlying functionality does (the refactored code is more secure, or less memory intensive, or what-have-you depending on the nature of the fix). I hadn't previously quite been sure that backports really are intended to *not change the overt functionality*.
Probably better to take the maintainer's advice as he knows more about it than I do. I was just saying that when I've been in this situation, whether on Redhat, Debian or other distros I usually take the more updated package from the next in-development version of the distro. I haven't had many problems with this, but as always YMMV, good luck.So now I'm confused: which is the better approach for me to take? Also, why would a maintainer be maintaining unofficial backports instead of (or as well as) official ones?With thanks in advance for your advice! Sam
Tim