Bartosz Feński <[email protected]> writes: > W dniu 06.01.2012 18:51, Sergiusz Pawlowicz pisze: >> On Fri, Jan 6, 2012 at 17:15, Russ Allbery <[email protected]> wrote:
>>> If you have a Debian production environment of any appreciable size, it's >>> well worth the effort to set up your own local repository. At Stanford,???? >>> we end up wanting to backport random things, add local packages, or import >>> packages from testing or unstable into stable all the time, and use our >>> local repository extensively for that. >> Yes, it is possible, but if there is no bug, I prefer to have a package >> inside the distro, as by the scale of project, it is always possible >> other bugs can be detected by other users. >> Forking a project is always more risky. > You learned us that there are unmaintained packages... what's more > risky? djbdns isn't unmaintained. There's a disagreement between the package maintainer and the security team over whether it should be in a Debian release, since the package has a security weakness (which is inherently unfixable in all implementations of the DNS protocol, but which can be hardened against slightly in a way that the upstream for djbdns is not interested in doing). -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
