[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is it secure to use testing/backport repos for production server?



In <49e791b8.02ab100a.0542.25a5@mx.google.com>, Sthu Deus wrote:
>Thank You, again, And what is Your opinion on volatile for clamav, for
>example& - It always says to me, it is out dated.

I have volatile enabled, and it says it is outdated to me, too.

That's just a result of upstream desire conflicting with Debian policy.  
Upstream wants you to always be using the latest (stable) release.  Debian 
policy is to not introduce new upstream versions during the lifetime of the 
stable release.  Release-critical and security fixes can be backported the 
version in the release if need be.

If you trust upstream for that package, you might want to follow 
backports/testing/unstable/experimental for that package.  If you don't, 
trust aptitude (Debian) to let you know when there is an update and ignore 
the warning.

For me, I use stable+security+volatile for my systems that need to be always 
available and secure.
-- 
Boyd Stephen Smith Jr.           	 ,= ,-_-. =.
bss@iguanasuicide.net            	((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy 	 `-'(. .)`-'
http://iguanasuicide.net/        	     \_/

Attachment: signature.asc
Description: This is a digitally signed message part.


Reply to: