* Josip Rodin <joy@srce.hr> [2003-04-06 13:05]:
> On Sat, Apr 05, 2003 at 09:19:28PM -0800, Tim Freeman wrote:
>> I think the reported version number is wrong. According to my
>> file (I use apt-cache), the libc6 in testing is 2.3.1-16, not
>> 2.2.5-9.woody.3.
>
> No, it's correct, it merely prefers testing security updates over ordinary
> testing packages. If you follow the link, you'll see a red "[security]" mark
> in the title, and the download link will show you security.debian.org.
>
> I don't see any overly sane way of satisfying both the security freaks who
> insist on getting information on security-fixed versions (they asked for
> this and so we implemented it), and others.
I don't think that having the testing-security libc6 version be
prefered over the testing libc6 version does help at all. The script
should just prefer the -security version if it is _newer_.
I don't think that a testing system with the testing-security libc6
would be helpful at all for it simply wouldn't work, most of the
packages wouldn't be installable at all.
testing was never meant as a secure system and due to its nature of
almost daily changes it isn't easily possible to support security for it
at all. Prefering testing-security packages over testing packages
_without_ taking the different version numbers into account even make
the situation worse.
So I suggest to either remove the testing-security from the scripts,
show them all on the page (stable, stable-security, testing,
testing-security, unstable and experimental) or do it the correct way,
which is »prefer the version from {stable,testing}{,-security} which is
dpkg --compare-versions higher in {stable,testing}«.
The current situation is far from good for the users, IMNSHO.
Alfie
--
There are many times when you want it to ignore the rest of the string just
like atof() does. Oddly enough, Perl calls atof(). How convenient. :-)
-- Larry Wall in <1991Jun24.231628.14446@jpl-devvax.jpl.nasa.gov>
Attachment:
pgpuXcG_g7aNb.pgp
Description: PGP signature