biggest problem is long release cycles = out-of-date kernel, X11
Posted Aug 19, 2004 8:50 UTC (Thu) by xoddam (subscriber, #2322)
In reply to: biggest problem is long release cycles = out-of-date kernel, X11 by jeld
Parent article: Review: Debian-Installer Release Candidate 1 (linux.com)
Making the security team keep up-to-date with testing won't help a thing.
Certainly maintainers of packages in unstable ought to be a little more
security-aware than they are (at the very least, they should be alerted
to get an upstream fix by the very fact that the stable version has had a
security update) but the Security team itself should not be obliged to
track the latest-and-greatest of everything; their job is to keep
production systems secure.
By-and-large unstable gets security fixes shortly after the upstream fix
to the latest version. Remember that *Debian* unstable/testing is
actually a collection of upstream maintainers' latest *stable* packages.
The only real solution is to shorten the gap between *stable* releases of
Debian. Another stable release in one year instead of three wouldn't
hurt anyone. The pain of upgrading from a three-year-old stable to a
current one is about to be inflicted on thousands of users; as Debian
developers have to go through all that *anyway*, they may as well go
through a minor dose of release-agony once a year rather than heaps every three
or four years.
The security team will then not have to worry about back-porting at all!
I think this is the plan anyway.