Rakotomandimby (R12y) Mihamina: > > what's the security policy of Debian testing?
Generally, security updates will propagate through unstable just like any other update. Since the release of sarge (or a short time before that), there is also a repository with security updates for testing. Currently you can use deb http://security.debian.org/debian-security etch/updates main contrib non-free in your sources.list. But as far as I know, testing doesn't receive updates as fast as stable. Stable still has top priority. > for several reasons, I must use Debian Testing on a public server and Awstats > has not been upgraded: > > http://seclists.org/lists/bugtraq/2005/Aug/0134.html If it hasn't been fixed in etch/updates either, you may want to install from unstable and use apt's pinning feature. > Should I ask to the package maintainer? > Should I make My own package, waiting fot it? You shouldn't be running testing on public servers. If you have to, you can try building your own package. If you can isolate the security fix it should be pretty easy (not that I have much experience in that). J. -- I am worried that my dreams pale in comparison beside TV docu-soaps. [Agree] [Disagree] <http://www.slowlydownward.com/NODATA/data_enter2.html>
signature.asc
Description: Digital signature
