hi martin On Thursday 24 May 2007 11:31, Martin Langhoff wrote: > thanks for the update. This means that the regression introduced with > the security upload is going to stay there for a while (until we get a > point release of stable)?
was the regression introduced by the security upload, or was it just generally
a problem with 5.2.0? as far as i knew it was the latter... ?
> I'm not convinced that it's a good idea to sit on this regression... the
> options seem to be
>
> - new secure package, eats data for breakfast (default)
> - pin the package to the old vulnerable, non-data-eating
> - use unofficial packages
> - avoid etch
the unofficial packages have all of the recent security vulnerabilities in
them as well, so i don't think it's so bad to have to use them. and as far
as the next point release goes, it should be Real Soon Now.
sean
pgps4L8BBHHTg.pgp
Description: PGP signature
