On Sun, 18 Jul 2004 13:41:59 +0200, Jerome wrote in message <[EMAIL PROTECTED]>:
> Dear Philipp, > > On Sun, 18 Jul 2004 13:20:50 +0200 > "Philipp" <[EMAIL PROTECTED]> wrote: > > 1) Are you using unofficial repositories on production servers ? > I'm using PHP from dotdeb.org. It provides PHP 4.3.8 and PHP 5.00 for > woody. The guy who do that work for a french isp, so I think it's > "safe" I havn't any problem with these packages, I'm using it for a > year now.-----8<-------- > deb http://packages.dotdeb.org ./ > -----8<-------- > > > > 4) What about security.debian.org ? If a vuln is found and > > security.debian.org gives out a fixes version, and i gave > > security.debian.org and the unofficial repository in my > > sources.list, what will happen ? ..the red lines in http://backports.org/changelog.html are the backport security updates. Also see my response below. > As the version in unofficial package will be higher, you will stay > with it. You can force this mechanism with apt-pinning, aptitude or > with holding package. ..http://backports.org/contribute.html provides "Reduce the Debian version by one, and add a string like backports.org.1 (prefered one, so it's clear where this backport comes from) to it, if this is the first release of that backport. For example, if you backport libfoo_1.2.3-4, the backport will be libfoo_1.2.3-3.backports.org.1, and you can raise the last number when you fix bugs in your backports." > Package in woody, and from security.debian.org are always patch for > security hole. ..for your local site mirrors of security.debian.org, what do you guys use? -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
