Am 2007-03-20 17:57:14, schrieb Andrew Sackville-West: > it appears to me that there are two paths into testing for security > fixes: sid or testing security. Is it possible for a security fix to > bypass sid and make it into testing? Obviously there would be some > upstream method for dealing with this... I dug through some of those > vulnerabilities and couldn't find any that were fixed in etch but not > sid, but it seems like it could happen. please educate me
Yes, IF you have for different versions of a program. e.g. Version 0.5.0 in oldstable (one year supported after stable release) Version 1.0.0 in stable Version 2.0.0 in testing Version 3.0.0 in unstable where Unstable is mostly fixed by UPSTREAM and Testing maybe by UPSTREAM but mainly by the package maintainer. And Stable is checked by the Debian QA team whether the patches from UPSTREAM or from the Package Maintaines can be applyed. Thanks, Greetings and nice Day Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ ##################### Debian GNU/Linux Consultant ##################### Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSN LinuxMichi 0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature