Hi! Just a few remarks:
<< Use unstable or testing, and apply security fixes yourself. Over To my opinion this is a bad suggestion. Maybe my last mail was a bit unclear about this. As security is a process rather than a state, your systems will hardly ever have all the available security-patches. (Not to note that it's not possible to keep up with this job if you are alone with it, which will be the fact if you do it by hand for testing/unstable.) So the question is how to deal with this. As every distribution has a security-team these days (or at least should have) it is possible to get the security-patches in (quite short) time. They established a processes how these patches get into the distributions and do a lot of communication with each other that none is missed. (And if you ever tried to, you will know that this is a quite complex job to do if you want to do it well.) As result a lot of people rely on the work of these teams. Especially Debian has a very "open" way to do this. Security problems a handled publicly if there's no request to do it not this way. So if you protect your systems (more than 2) by these updates, you would be well advised to establish a process yourself how you get them onto your system and how - in general - you keep them more or less secure. And the information if Debian-Security is working as expected is a very valuable one to people who did this. Hopefully my considerations are clear now. (This mail became much longer than I wanted.) Cheers. Helmut -- My GNUpg fingerprint http://www.gnupg.org 4563 F4FB 0B7E 8698 53CD 00E9 E319 35BD 6A91 1656 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
