Hi,
Christian Storch wrote: :: First I think it shouldn't be a distro as each other :: for that it never would become a stable release by :: definition. But it could make security updates a :: little bit easier and perhaps more stable: They could :: be tested within a stable environment before moving :: into stable and breaking some relative packets.
Ok, sounds good. :)
:: But at moment I'm not sure about what should be :: discussed in this thread.
Sorry Christian, you are completely right. A few days ago I saw a discussion about long threads without change the subject, sorry, my mistake.
:: Is it going about an improvement of applying security :: updates to stable?
We should start a new discussion trying to figure out how we can improve security updates to stable. And also to new releases.
:: Or more about the problem of non documented security :: patches of some upstreams (here php)?
Yes, this thread is about "php" and security patches from upstreams. Somebody knows the position of PHP Security Team about this? What I mean is, the php maintainer in Debian, already talk with PHP Security Team about what we are facing?
:: The latter will be the important question for me! :: What will be the policy of security team about these :: problems and perhaps how could the communty help to :: solve these problems?
Don't exactly, the community could do some backports and upgrade tests on php package, but it is not official and people could doubt about how safe is use it.
I don't know if we can upgrade php to a non-harmfull new version, perhaps we should write an open statement to the community, but I would like to wait until hear some PHP Security Team notices. :o)
Best regards,
-- ////////// // Felipe Augusto van de Wiel (faw) <[EMAIL PROTECTED]> // GUD-PR / DUG-PR || http://www.debian-pr.org // GUD-BR / DUG-BR || http://www.debian-br.org // Debian Project || http://www.debian.org/ //////////
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
