W. Borgert <[EMAIL PROTECTED]> wrote:
>> (1) keep vulnerable packages in stable,
>> (2) remove affected packages from distribution,
>> (3) allow new upstream into stable.
> I'ld "vote" for (2), maybe with the goal of creating pressure
> towards upstream to take security more serious.
But how do you push the users to remove the package from their
systems? In reality they will keep the broken version installed and
so you have (1) again :-(
Tschoeeee
Roland
--
* [EMAIL PROTECTED] * http://www.spinnaker.de/ *
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
