On Tue, Jan 07, 2003 at 05:08:23PM +0100, Adrian 'Dagurashibanipal' von Bidder wrote:
> So the version from testing should do. You may want to download the
> source package and compile it yourself to avoid having to upgrade
> dependencies (I don't know, just speculating).

Why tell him that?  What the hell is wrong with the version of openssl
from security.debian.org?  There are no known security vulnerabilities
there.

Advising somebody to install packages from *testing* to get security
updates is very unwise.  Doing so would prevent them from getting a new
version of the package in the event that it's updated by the security
team again.

noah

-- 
 _______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html 

Attachment: msg08385/pgp00000.pgp
Description: PGP signature

Reply via email to