[Gllug] Ubuntu

[Doug Winter]

Huw Lynes wrote:
> As a long-time RedHat admin I've never understood the situation with
> testing/unstable and security updates. When perusing the debian.org site I get
> put off by the big warning that says No Security Updates for Testing/Unstable.
> 
> So how does running production servers on unstable work with respect to that?

stable gets special-purpose security fixes distributed for it by the 
Security Team.  This is very well managed indeed by Debian.

unstable just gets updated as new stuff gets done - normally a 
Maintainer will release a new version of a package the instant upstream 
do a security patch - but there's no guarantees.   If the maintainer is 
on hols and the Security Team don't get round to it, you get no fixes. 
You need clue to run unstable - but if you have aforesaid clue it 
actually works pretty well.  Test upgrades first on non-production machines.

testing is the current next release.  It gets stuff from unstable, when 
all the dependencies are resolved for the distribution, and when 
packages have been sat in unstable for long enough that they probably 
aren't going to irretrievably break anything.

Some updates might wait a very long time indeed to enter testing - when 
packages on which a lot of things depend are stuck (like libc or perl) 
testing can get stale wrt unstable.  If you have a version of a package 
installed with a security issue, it's tough luck.

d.

-- 
6973E2CF: 2C95 66AD 1596 37D2 41FC 609F 76C0 A4EC 6973 E2CF
http://adju.st/
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug