Luis Matos wrote: > backports use testing as base for the packages. > setting up security for backports is a bit easier than for testing. Lot > less packages. > My point is, for example, when the security team lauches a DSA, it > always sees if both unstable and testing are afected. They already > monitor testing and unstable too ... it's just a question of applying > patches. (maybe a apt-patch package. in which he rebuilds the package > with the selected patch). > > The same would do for backports, security team would patch the package > and send it to the buildd. > > I know ... it's more and more work for the security team ...
thinking aloud: hypothetically assumed that (parts of) backports.org would get official, i could do security support for it as i do it atm for about half of the packages on backports.org anyway. -- Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist Email: [EMAIL PROTECTED] Internet: http://people.panthera-systems.net/~daniel-baumann/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
