On mer., 2014-09-10 at 16:15 -0400, David Prévot wrote: > Hi, > > Le 10/09/2014 16:02, Yves-Alexis Perez a écrit : > > On mer., 2014-09-10 at 21:40 +0200, Max Mustermann wrote: > > > >> deb http://security.debian.org/ wheezy/updates main contrib non-free > >> > > I think that's just a typo, since there's no security support for > > contrib and non-free anyway. > > Never, or not anymore, or…? > > Probably not “never” according to: > http://security.debian.org/pool/updates/contrib/m/mahara/ > or http://archive.debian.org/debian-security/pool/updates/ That might depend on what you call “security support”. Note that while some team member might issue security updates for contrib/non-free (well, last time was for Lenny), but there's explicitly no support for contrib and non-free: https://www.debian.org/security/faq#contrib > > > I'm adding debian-www (contact point for all web pages) to CC: so they > > can get a look. > > This section is handled by the security team (people in the team have > commit access), but if they feel the need to let someone else fix stuff > on their behalf, they’re welcome to provide explicit guidance of what is > to fix, and how. Is there anything else than CVS available in order to provide a patch? I think removing the "contrib non-free" part would be ok (and maybe add them to the security FAQ so people actually interested by those suites can add the information themselves, although I'm unsure what does the installer do right now). Team, what do you think? Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part