Joe Buck wrote: > I've had a consistent problem over the years with the announcements that > are sent out for updates to the stable distribution, one that should be > easily correctable.
Hmm > The messages are written as if it is assumed that people don't apply security > updates. It is typical that an update to stable changes 30 packages, but > 27 of those changes do nothing to a system that has security.debian.org in > the apt sources.list. What this means is that the vast majority of > readers have to carefully scan and parse the messages to extract the > small number of changes that will actually do something to their system, > as opposed to security updates that have already been applied, or else > completely ignore the message and just see what apt-get dist-upgrade > wants to do. Please take into accounts that the mails sent to debian-devel-annonce are targetted at developers who are able to distinguish between the various reasons for packages to be included or rejected. These people are asked to carefully scan the list in order to review it and report problems if there are some. The final annoncement that is written up for regular users is sent to the debian-announce list instead. It divides into security updates and other updates as well as removed packages. Hence, the people who won't care or don't want to care and just wand to use apt-get dist-upgrade will have to wait for the update to happen and the user announcement to be sent out anyway. > The solution is obvious: please include a list (ideally at the beginning) > of changed packages in the release that were not previously available from > security.debian.org. In most cases this will be a very small list. I already say "DSA nnn-m" in the first line of the description for each set of packages that was updated through security.debian.org. The user announcement[1] contains two sections "Security Updates" and "Miscellanneous Bugfixes", so I really don't know what you are talking about -- or you just didn't understand that the "Bits from SRM" mail is for coordinating the update and not announcing the update. Links: 1. http://www.debian.org/News/2002/20020713 Regards, Joey -- GNU GPL: "The source will be with you... always."
