On Tue, Jan 07, 2003 at 05:08:23PM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: > So the version from testing should do. You may want to download the > source package and compile it yourself to avoid having to upgrade > dependencies (I don't know, just speculating).
Why tell him that? What the hell is wrong with the version of openssl from security.debian.org? There are no known security vulnerabilities there. Advising somebody to install packages from *testing* to get security updates is very unwise. Doing so would prevent them from getting a new version of the package in the event that it's updated by the security team again. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
msg08385/pgp00000.pgp
Description: PGP signature
