On Tue, Sep 01, 2009 at 11:39:40AM +0200, Julien Cristau wrote: > On Sun, Aug 30, 2009 at 23:38:17 +0200, Lucas Nussbaum wrote:
> > That's unfortunate. Imagine the following scenario: > > 1. Package P is released in sarge, with version 1.0-1. > > 2. Package P is installed on a system S, running sarge. > > 3. etch is released with P 1.0-1. > > 4. A security bug is found in P. > Does this actually happen? How often? Often enough that it's been discussed repeatedly over the years; not often enough that anyone has fixed it. :) -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature
