security faq addition
Can someone please add this to the security FAQ?
Q: The version number for a package indicates that I am still running
a vulnerable version!
A: Instead of upgrading to a new release we backport security fixes to
the version that was shipped in the stable release. The reason we do
this is to make sure that a release changes as little as possible
so things will not change or break unexpectedly as a result of a
security fix. You can check if you are running a secure version of
a package by looking at the package changelog, or comparing its
exact version number with the version indicated in the Debian
Security Advisory.
Wichert.
--
_________________________________________________________________
/wichert@wiggy.net This space intentionally left occupied \
| wichert@deephackmode.org http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Reply to: