Re: backports security

To: debian-user@lists.debian.org
Cc: rhonda@debian.at
Subject: Re: backports security
From: Sven Hoexter <sven@timegate.de>
Date: Thu, 19 Nov 2009 08:42:49 +0100
Message-id: <[🔎] 20091119074249.GA1786@marvin.home.hoaxter.de>
Mail-followup-to: debian-user@lists.debian.org, rhonda@debian.at
In-reply-to: <[🔎] 4b04f0d0.9553f10a.68b6.0c61@mx.google.com>
References: <[🔎] 4b04f0d0.9553f10a.68b6.0c61@mx.google.com>

On Thu, Nov 19, 2009 at 02:16:15PM +0700, Sthu Deus wrote:
> Good day.
> 
> I have searched backport, wiki web sites and still can not understand: does debian security team works with its packages or not? In other words, using stable only and desiring the same security quality, I would not use the backports repo? Am i correct?

backports.org is not under the hands of the Debian security team.

Usually backports are based on packages from testing, in case of security
issue uploads based on packages from unstable are allowed aswell.
It's usually the uploader of the backport who is responsible to care for
uploads in case of security issue. So it doesn't hurt if you keep an eye on
the backports aswell that you install. Since you should install only selected
backports where needed you've to monitor just those very few selected packages.

Additionaly there is a backports-security-announce list where backporters
announce security relevant uploads.

Gerfried: Maybe that's something that should be noted in the FAQ aswell?

Sven
-- 
If God passed a mic to me to speak
I'd say stay in bed, world
Sleep in peace
   [The Cardigans - 03:45: No sleep]

Reply to:

Follow-Ups:
- Re: backports security
  - From: Gerfried Fuchs <rhonda@deb.at>

References:
- backports security
  - From: Sthu Deus <sthu.deus@gmail.com>

Prev by Date: backports security
Next by Date: Re: Calendar/ reminder wanted - recommendations
Previous by thread: backports security
Next by thread: Re: backports security
Index(es):
- Date
- Thread