On Mon, Oct 11, 2004 at 06:48:00PM -0500, John Hasler wrote:
> Sven Mueller writes:
> > Say a new open source network security scanner enters the world, and it
> > works well when compiled against Debian stable, we might want to add it
> > to v.d.o even though it wasn't available when the last stab
I wrote:
> v.d.o. should be supported by the Debian security team. I don't think it
> is worth doing if it can't be. One way to help make sure Debian security
> can support it is to keep it as small and simple as possible.
Martin Schulze writes:
> Backports.org isn't supported by the security te
John Hasler wrote:
> > This also might include working on a sort of security team for v.d.o (I
> > think both jobs should actually be combined in v.d.o).
>
> v.d.o. should be supported by the Debian security team. I don't think it
> is worth doing if it can't be. One way to help make sure Debian
Thaddeus H. Black writes:
> An existent backports.debian.org would seem a worthy aspiration. Were
> plans thereto afoot, I would encourage.
I agree, but I try to avoid writing anything that could be construed as
"somebody ought to do X" on debian lists.
> It has been surmised once or twice in th
John Hasler mentions,
> ... the non-existent backports.debian.org ...
An existent backports.debian.org would seem a
worthy aspiration. Were plans thereto afoot, I
would encourage.
(It has been surmised once or twice in this
thread that few people here actually use stable.
This may be so, but ju
On Tue, Oct 12, 2004 at 07:57:06AM -0500, John Hasler wrote:
> Sven Mueller writes:
> > Say a new open source network security scanner enters the world...
> ^^^
Yes, I neglected this half of the scenario, but see below.
> I wrote:
> > Those things belong in the non-existent backports.debi
Sven Mueller writes:
> Say a new open source network security scanner enters the world...
^^^
I wrote:
> Those things belong in the non-existent backports.debian.org, not in
> volatile.debian.org.
paddy writes:
> define 'breaks compatibilty'.
> As long as it _is_ still the same package...
John,
On Mon, Oct 11, 2004 at 06:48:00PM -0500, John Hasler wrote:
> Sven Mueller writes:
> > Say a new open source network security scanner enters the world, and it
> > works well when compiled against Debian stable, we might want to add it
> > to v.d.o even though it wasn't available when the la
Sven Mueller writes:
> Say a new open source network security scanner enters the world, and it
> works well when compiled against Debian stable, we might want to add it
> to v.d.o even though it wasn't available when the last stable
> distribution was released. Or a new version of clamav is releas
Frank Küster [u] wrote on 10/10/2004 19:17:
>> Sven Mueller <[EMAIL PROTECTED]> wrote:
>
==
Draft for a volatile.debian.org packaging and update policy.
>
>> [...]
>
Policy for v.d.o
>
>> [...]
>
- A new versio
Sven Mueller <[EMAIL PROTECTED]> wrote:
> ==
>
> Draft for a volatile.debian.org packaging and update policy.
>
[...]
> Policy for v.d.o
>
[...]
> - A new version uploaded to v.d.o should restrict itself to new code
>which is
Thomas Bushnell BSG [u] wrote on 09/10/2004 19:12:
Sven Mueller <[EMAIL PROTECTED]> writes:
Doing a backport of some upstream change is usually a pretty difficult
task (except for smaller security fixes). It's pretty easy to claim
"no new command line feature added", but it is pretty difficult to
c
Sven Mueller <[EMAIL PROTECTED]> writes:
> Doing a backport of some upstream change is usually a pretty difficult
> task (except for smaller security fixes). It's pretty easy to claim
> "no new command line feature added", but it is pretty difficult to
> claim "no new bugs added" or "all necessary
The draft looks good, Sven. Please also include target # 5 as follows.
> Draft for a volatile.debian.org packaging and update policy.
>
> Target:
>
> volatile.debian.org (or short: v.d.o) is intended to be a repository for
> packages which degrade over time with respect to their usefulness. Th
Thomas Bushnell BSG [u] wrote on 08/10/2004 18:18:
Will Lowe <[EMAIL PROTECTED]> writes:
My argument is just that even if you backport the important features
of a new release into an old codebase, it's hard to make any valuable
claims about the resulting product if the "backport" changes more than
15 matches
Mail list logo
