[plug] Debian Security Updates

Michael Hunt michael.hunt at oddsocks.net
Fri Oct 8 08:58:27 WST 2004


On Fri, 2004-10-08 at 07:45, James Devenish wrote:

> In message <4164B67B.8020707 at tigris.org>
> on Thu, Oct 07, 2004 at 11:22:35AM +0800, Tim White wrote:

> > I'm running testing so my solution was to remove all servers but
> > security and then do an upgrade then place the other servers back
> > in. Works fine. Is there a more elegant solution?
> 
> I agree with Harry because at first glance, this doesn't seem to make
> sense to me either. Maybe you'd better post your /etc/apt/sources.list
> and /etc/apt/preferences! My understanding is that there basically
> aren't any security packages for testing because the updates are rolled
> into testing itself. So I, don't know what it is that you've installed,
> or from where!

That there are no security patches available for testing is not entirely
true. Currently some security patches are available by just adding the
following to you /etc/apt/sources.list file.

deb http://security.debian.org/ testing/updates main contrib non-free

This has only happened in the last couple of months and has the two fold
purpose of (a) testing the security infrastructure in readiness for a
sarge release (b) providing security patches for the growing pool of
users now starting to run testing. See debian weekly news for more info.

Using testing or unstable has its caveats and the issue of security
patches is a very big one. I suspect the need for an up to date debian
distro with security is the niche that the commercial Linuxes like
Libranet, Progeny, User-linux and new kid on the block ubuntu-linux are
trying to fill. 

Michael Hunt




More information about the plug mailing list