Re: Woody vs. Sarge vs. You've heard this before ;-)
From: Jacob Anawalt (jacob_at_cachevalley.com)
Date: 08/14/03
- Previous message: stan: "Graphical units conversion program?"
- In reply to: Keith G. Murphy: "Re: Woody vs. Sarge vs. You've heard this before ;-)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: <debian-user@lists.debian.org> Date: Thu, 14 Aug 2003 12:46:27 -0600
"Keith G. Murphy" <keithmur@mindspring.com> wrote:
> Aaron wrote:
>
> >
> > I don't want the hassle of running a hybrid Woody/Sarge system, just
> > because I'm too lazy to deal with the depedencies, but I don't mind a
> > few bugs in exchange for a more recent version of KDE/gAIM/whatever.
> >
> One disadvantage of moving away from stable is that you don't have the
> security updates available anymore. Of course, this probably doesn't
> matter much if you're on a single family PC with no open ports to the
> Internet.
>
When I asked about security, I was told that if bugfixes, including
security updates, are implemented upstream, they would appear in
unstable much sooner than they would in testing.
My conclusion from that was that yes, I will not be getting security
updates from the Debian security team in stable, but I would be getting
the security updates in the form of normal updates to unstable much sooner
than I am going to see them in testing. At any rate, I choose to keep
unstable behind an iptables firewall and NAT gateway running stable.
> But what I do on my home PC is run stable (with security updates) plus
> selective updates from some of the 3rd-party Woody backport sources from
> apt-get.org. Then, I just keep an eye on new security updates; if one
> cropped up on a package I drew from a 3rd party source, I'd have to
> figure out if the 3rd-party packager had incorporated the update, and
> what I needed to do if he didn't.
>
> I can't stand behind any of the packages from apt-get.org, but I'd be
> very surprised if, say, Adrian Bunk's packages were not of extremely
> high quality.
>
> I do notice there's some KDE there, but I can't tell if they're Woody
> backports.
>
> Happy hunting!
>
I haven't gotten into apt-get.org, though it is often suggested. You have
expressed the same issue I have imagined would be the case if I used
apt-get.org, just as I had using 3rd party RPMs for say mod_frontpage.
Security updates aren't released by the 'official security team', and may
not be as timely. On the other hand, the person making the 3rd party
packages _if_ they are still active and not on vacation or sick or something
would likely be re-compiling and back-porting the package for themselves.
Where are they back-porting the fix from? If it's unstable, didn't the guys
running unstable already get this fix? I guess if it's from experimental or
the
upstream maintainer or developers then a stable backport might outpace
an unstable update.
The stable backports sound like a good way to go, especially if
you only want the latest update of a package or two, instead of everything.
For my desktop system running unstable seems to be the thing to do,
running testing wasn't.
-- To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: stan: "Graphical units conversion program?"
- In reply to: Keith G. Murphy: "Re: Woody vs. Sarge vs. You've heard this before ;-)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
