On Thu, Nov 19, 2009 at 02:16:15PM +0700, Sthu Deus wrote: > Good day. > > I have searched backport, wiki web sites and still can not understand: does > debian security team works with its packages or not? In other words, using > stable only and desiring the same security quality, I would not use the > backports repo? Am i correct?
backports.org is not under the hands of the Debian security team. Usually backports are based on packages from testing, in case of security issue uploads based on packages from unstable are allowed aswell. It's usually the uploader of the backport who is responsible to care for uploads in case of security issue. So it doesn't hurt if you keep an eye on the backports aswell that you install. Since you should install only selected backports where needed you've to monitor just those very few selected packages. Additionaly there is a backports-security-announce list where backporters announce security relevant uploads. Gerfried: Maybe that's something that should be noted in the FAQ aswell? Sven -- If God passed a mic to me to speak I'd say stay in bed, world Sleep in peace [The Cardigans - 03:45: No sleep] -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
