Quoting Niall Walsh (linux at esatclear.ie):
> I'm fairly certain Debian only releases security advisories for
> packages in stable. If an issue doesn't effect stable, no advisory
> will be released, and the problem will simply be fixed by a
> urgency=high upload to unstable.
This is an excellent point, and points out the biggest drawback of
keeping a system on the "testing" branch, even one with easy access to
"unstable" packages, whose owner attentively skim-reads all Debian
Security Advisories: You might _still_ be unaware of an suddenly urgent
need, on account of a security emergency, to do
# apt-get update && apt-get -t unstable install [packagename]
...to plug that package's security hole.
What would really be handy, in fact, would be an automated announce-only
"alert" mailing list sending out all changelogs of urgency=high uploads
to unstable. Pity it doesn't exist (to my knowledge). I might try to
create one.
--
Cheers, Facta tua Restitueri ad Status Pristinus Eius.
Rick Moen (May your data be restored to
rick at linuxmafia.com its original pristine condition.)
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
