security faq addition

To: debian-www@lists.debian.org
Subject: security faq addition
From: Wichert Akkerman <wichert@wiggy.net>
Date: Tue, 13 Nov 2001 14:58:13 +0100
Message-id: <[🔎] 20011113145813.C19393@wiggy.net>
Mail-followup-to: Wichert Akkerman <wichert@wiggy.net>, debian-www@lists.debian.org

Can someone please add this to the security FAQ?

Q: The version number for a package indicates that I am still running
   a vulnerable version!
A: Instead of upgrading to a new release we backport security fixes to
   the version that was shipped in the stable release. The reason we do
   this is to make sure that a release changes as little as possible
   so things will not change or break unexpectedly as a result of a
   security fix. You can check if you are running a secure version of
   a package by looking at the package changelog, or comparing its
   exact version number with the version indicated in the Debian 
   Security Advisory.

Wichert.
-- 
  _________________________________________________________________
 /wichert@wiggy.net         This space intentionally left occupied \
| wichert@deephackmode.org            http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Reply to:

Follow-Ups:
- Re: security faq addition
  - From: peter karlsson <peter@softwolves.pp.se>

Prev by Date: Please forward to the keeper of your online policy manual
Next by Date: Re: security faq addition
Previous by thread: Please forward to the keeper of your online policy manual
Next by thread: Re: security faq addition
Index(es):
- Date
- Thread