Bug#179185: marked as done (testing description should mention security risk)

To: Josip Rodin <joy@gkvk.hr>
Cc: James Treacy and others <debian-www@lists.debian.org>, www.debian.org@packages.qa.debian.org
Subject: Bug#179185: marked as done (testing description should mention security risk)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Fri, 31 Jan 2003 06:48:11 -0600
Message-id: <[🔎] handler.179185.D179185.104401728422635.ackdone@bugs.debian.org>
In-reply-to: <20030131125019.GA28578@cibalia.gkvk.hr>
References: <20030131125019.GA28578@cibalia.gkvk.hr> <[🔎] 1044015064.1088.111.camel@igor>

Your message dated Fri, 31 Jan 2003 13:50:19 +0100
with message-id <20030131125019.GA28578@cibalia.gkvk.hr>
and subject line Bug#179185: testing description should mention security risk
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 31 Jan 2003 12:11:07 +0000
>From liw@iki.fi Fri Jan 31 06:11:06 2003
Return-path: <liw@iki.fi>
Received: from ip212-226-168-228.adsl.kpnqwest.fi (igor.liw.iki.fi) [212.226.168.228] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 18ea0g-0002sr-00; Fri, 31 Jan 2003 06:11:06 -0600
Received: by igor.liw.iki.fi (Postfix, from userid 1000)
	id EED8F8049C; Fri, 31 Jan 2003 14:11:04 +0200 (EET)
Subject: testing description should mention security risk
From: Lars Wirzenius <liw@iki.fi>
To: submit@bugs.debian.org
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Ximian Evolution 1.0.8 
Date: 31 Jan 2003 14:11:04 +0200
Message-Id: <[🔎] 1044015064.1088.111.camel@igor>
Mime-Version: 1.0
Delivered-To: submit@bugs.debian.org
X-Spam-Status: No, hits=-0.7 required=5.0
	tests=SPAM_PHRASE_02_03
	version=2.41
X-Spam-Level: 

Package: www.debian.org

The http://www.debian.org/distrib/packages.en.html page says this about
testing:

    This area contains packages that are intended to become part of the
    next stable distribution. There are strict criteria a package in
    unstable (see below) must obey before it can be added to testing.

    See the testing distribution pages for more information. 

Given that many people interpret this as meaning "a stable version of
unstable" I think it would be good to add some words about the security
risk involved when running testing. Perhaps something like this:

    Testing does not get security updates in a timely manner. It is not
    a good idea to use testing if security is an issue (e.g., if the
    machine is connected to the Internet).

It was a bit of a surprise to me when the security issue was pointed
out, even though I should've known better. I have the impression that
this is a common mistake, so it makes sense to point it out more
prominently.

(Descriptions of testing may occur on other places as well, but I was
too lazy to search, since I assume the web page developers can easily do
a recursive grep.)


---------------------------------------
Received: (at 179185-done) by bugs.debian.org; 31 Jan 2003 12:48:04 +0000
>From joy@gkvk.hr Fri Jan 31 06:48:03 2003
Return-path: <joy@gkvk.hr>
Received: from cibalia.gkvk.hr [161.53.211.3] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 18eaaR-0005sp-00; Fri, 31 Jan 2003 06:48:03 -0600
Received: from joy by cibalia.gkvk.hr with local (Exim 3.35 #1 (Debian))
	id 18eacd-0007W4-00; Fri, 31 Jan 2003 13:50:19 +0100
Date: Fri, 31 Jan 2003 13:50:19 +0100
To: Lars Wirzenius <liw@iki.fi>, 179185-done@bugs.debian.org
Subject: Re: Bug#179185: testing description should mention security risk
Message-ID: <20030131125019.GA28578@cibalia.gkvk.hr>
References: <[🔎] 1044015064.1088.111.camel@igor>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[🔎] 1044015064.1088.111.camel@igor>
User-Agent: Mutt/1.4i
From: Josip Rodin <joy@gkvk.hr>
Delivered-To: 179185-done@bugs.debian.org
X-Spam-Status: No, hits=-16.0 required=5.0
	tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,
	      SIGNATURE_SHORT_DENSE,SPAM_PHRASE_00_01,USER_AGENT,
	      USER_AGENT_MUTT
	version=2.41
X-Spam-Level: 

On Fri, Jan 31, 2003 at 02:11:04PM +0200, Lars Wirzenius wrote:
> Given that many people interpret this as meaning "a stable version of
> unstable" I think it would be good to add some words about the security
> risk involved when running testing.

You're right, it wasn't emphasized enough. I've added notes to that page and
the testing distro user page. The developer page already had it.

-- 
     2. That which causes joy or happiness.

Reply to:

References:
- Bug#179185: testing description should mention security risk
  - From: Lars Wirzenius <liw@iki.fi>

Prev by Date: Translation of Debian Hompage to Arabic
Next by Date: Re: future of developers list
Previous by thread: Bug#179185: testing description should mention security risk
Next by thread: Translation of Debian Hompage to Arabic
Index(es):
- Date
- Thread