[Linux-aus] Now tell the rest of the story...
Ryan Verner
xfesty at computeraddictions.com.au
Fri Mar 26 18:42:01 UTC 2004
On 25/03/2004, at 6:45 PM, Anthony Towns wrote:
> On Tue, Mar 23, 2004 at 11:43:37AM +1030, Paul Shirren wrote:
>> Perhaps Anthony Towns would like to comment on this line from the
>> article:
>> "For example, Debian (Debian GNU/Linux) has left vulnerabilities there
>> and didn't release any patches for them."
>
> Not really; it's certainly true in some cases -- we don't do security
> support for unreleased distributions (testing, unstable or
> experimental),
> so there are definitely vulnerabilities left in some of those packages;
Which is a problem; there's many people out there that run testing on
their servers, because they find woody to be awfully out of date for
their needs (and indeed, it can be). Takes ages for security fixes to
go in, though, as per testing policy of package propagation from
unstable, so it's always baffled me why people do so.
I'm strongly of the opinion that there should be something in the
middle of stable and testing; perhaps a stable with a more regular
freeze cycle. Of course, this requires additional manpower, and the
chance of possible problems of course increases, but it'd really do
wonders for Debian, and certainly make me a far happier person.
Backporting my own packages to woody can be a pain in terms of time,
and I really do not trust 99% third party repositories out there; I've
ended up with enough broken packages, thankyou very much.
R
--
Signature space for rent.
More information about the linux-aus
mailing list