Re: release files on security.debian.org

To: team@security.debian.org, APT Development Team <deity@lists.debian.org>
Cc: security@debian.org
Subject: Re: release files on security.debian.org
From: Brian May <bam@debian.org>
Date: 16 Mar 2001 11:39:42 +1100
Message-id: <[🔎] 84hf0ufsxd.fsf@snoopy.apana.org.au>
In-reply-to: <20010316011200.B14748@cistron.nl>
References: <84y9u6fvx0.fsf@snoopy.apana.org.au> <20010316011200.B14748@cistron.nl>

>>>>> "Wichert" == Wichert Akkerman <wichert@cistron.nl> writes:

(I have CCed this to the apt development team, as I am not the
authoritive source for some of the issues that have been bought up
here; unless you have a good reason not to, please keep these
addresses when replying: team@security.debian.org, APT Development
Team <deity@lists.debian.org>).

    Wichert> Sending that to team@security.debian.org might be a bit
    Wichert> better way to reach us then, if you mail
    Wichert> security@debian.org debian-private will get the mail as
    Wichert> well, and it doesn't get put in my security team folder.

Ok.

    >> To fix, please change "Archive: potato" to "Archive: stable"
    >> and "Version: 2.2" to "Version: 2.2r2" in the Release files.

    Wichert> This sounds like a problem in the Release file for
    Wichert> ftp.debian.org to me: with the current naming once we
    Wichert> make a new release we have to change all the Release
    Wichert> files for potato, which shouldn't be needed.

Then that would have the side affect that users want be able to
type in:

apt-get install x -t stable

instead it would have to be

apt-get install x -t potato

(and /etc/apt/preferences would have to be changed in a similar way)

which goes against what is documented in the apt_preferences man page.

    Wichert> Stable really indicates a state of an archive, not which

>From the apt_preferences man page:

       a= Archive
              This is the common name we give our archives,  such
              as stable or unstable. The special name now is used
              to designate the set of packages that are currently
              installed.

    Wichert> archive it is.  Also, the Version number doesn't mean a
    Wichert> lot for security.debian.org anyway, since it holds
    Wichert> pacakges for multiple versions of potato.  I'll probably
    Wichert> remove it when pandora is reachable again (insert flame
    Wichert> to surfnet here).

Then if you gave 2.2r2 the higher priority (in /etc/apt/preferences),
it would not install the security fixes, because the security fixes
are 2.2.

doesn't seem a good idea to me. However, I am not sure what the apt
development team intended for this case, so don't take my word for it.

(is there an authoritive document with the format for the Release
file?)
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: release files on security.debian.org
  - From: Wichert Akkerman <wichert@cistron.nl>

Prev by Date: Processed: Re: Bug#89762: Configuration::ReadConfigFile doesn't behave as documented
Next by Date: Re: release files on security.debian.org
Previous by thread: apt cvs code.
Next by thread: Re: release files on security.debian.org
Index(es):
- Date
- Thread