* Josip Rodin <joy@srce.hr> [2003-04-06 13:05]: > On Sat, Apr 05, 2003 at 09:19:28PM -0800, Tim Freeman wrote: >> I think the reported version number is wrong. According to my >> file (I use apt-cache), the libc6 in testing is 2.3.1-16, not >> 2.2.5-9.woody.3. > > No, it's correct, it merely prefers testing security updates over ordinary > testing packages. If you follow the link, you'll see a red "[security]" mark > in the title, and the download link will show you security.debian.org. > > I don't see any overly sane way of satisfying both the security freaks who > insist on getting information on security-fixed versions (they asked for > this and so we implemented it), and others. I don't think that having the testing-security libc6 version be prefered over the testing libc6 version does help at all. The script should just prefer the -security version if it is _newer_. I don't think that a testing system with the testing-security libc6 would be helpful at all for it simply wouldn't work, most of the packages wouldn't be installable at all. testing was never meant as a secure system and due to its nature of almost daily changes it isn't easily possible to support security for it at all. Prefering testing-security packages over testing packages _without_ taking the different version numbers into account even make the situation worse. So I suggest to either remove the testing-security from the scripts, show them all on the page (stable, stable-security, testing, testing-security, unstable and experimental) or do it the correct way, which is »prefer the version from {stable,testing}{,-security} which is dpkg --compare-versions higher in {stable,testing}«. The current situation is far from good for the users, IMNSHO. Alfie -- There are many times when you want it to ignore the rest of the string just like atof() does. Oddly enough, Perl calls atof(). How convenient. :-) -- Larry Wall in <1991Jun24.231628.14446@jpl-devvax.jpl.nasa.gov>
Attachment:
pgpuXcG_g7aNb.pgp
Description: PGP signature