On Tue, Jan 16, 2007 at 01:06:46PM +0100, Michael Prokop wrote:
- Marc Haber mh+grml@zugschlus.de [20070116 12:57]:
On Sun, Jan 14, 2007 at 02:03:57PM +0100, Michael Prokop wrote:
Especially as Debian testing does not get real security-support. :( That's not really relevant for workstations for me, but straight before a new stable release is available that's an important point - at least for me.
There is some kind of Security Support for Debian testing, by means of the testing security team. Unfortunately, they're missing a lot of the transparency I'd like to see from a security team, but that's nothing new for Debian. I plan to blog about this in the near future once I find the time.
Security support for testing is (AFAIK) nothing else than "we move packages from unstable to testing faster than usual". For me that's not real security-support as you can't activate just the security-testing pool but have to make use of the full testing-pool for upgrades. :-/
As far as I am informed, there is a testing-security pool which just has never been used to push in a security update. I suspect that this will happen once a security update must be done for a package that cannot migrate normally from unstable to testing because of library deps.
Actually, it is one of the major "beefs" I have with testing-security that this mechanism has not yet been in use. I'd like to see it at least once before I rely on it.
NACK. We did not have any library transitions for months, and new upstream versions are being withheld.
Hm, which ones are this for example?
Newer kernels, for example, and exim4. Just look into experimental.
Greetings Marc