Hi Ola, On Tue, 27 Feb 2001, Ola Lundqvist wrote:
> I have got some questions about updating horde and imp for potato. > The reason is that the upstream have released a new fixed version > with mostly security fixes. Actually just security fixed and maybe > some language translations. > The install scripts have benn changed quite a lot from the potato > release and I think it is better, but it changes some of the > configuration strategy and also now depends on a package > wwwconfig-common that eases the configuration for horde, imp and dcl. > Should I upload anything to stable. There is no critical security > bugs, but some minor ones. > Should I backport all fixes? > Should I just upload the one that are for sid? But then there is > a problem with the package dependencies... That is not an option... > Should I use the same install scripts (maybe with some minor fixes) > and use the upstream source? IMHO, imp and horde are such fast-moving targets that the only reasonable option is to backport the fixes. So much of IMP's functionality is bound up in configuration files -- config files whose contents and formats /change/ between releases -- that I think it would otherwise be a nightmare for the admin trying to upgrade... This is not something we want to happen in stable. :( The 'security fixes only' POV argues that an admin should /not/ have to learn new configuration settings in order to keep his potato box secure. > Should I let this be debian-qa business? Not a question I know the answer to. :) Regards, Steve Langasek postmodern programmer
