On Sun, Jun 23, 2002 at 04:51:20PM -0400, Phillip Hofmeister wrote: > > Well, still binary patching could be implemented (although, in a rather > > osbscure way) using pre-install scripts which would patch the definition > > files. However, this would require two packages providing the same > > version of the definition files (a patch package and a complete > > new-version package) and a whole lot of patch packages dangling around. > > So I guess I am writing nonsense. > > Umm...silly thought...couldn't we have two packages. The binary then a lib > (which the binary depends on) that would contain the defs, then just update > the libs?
I think the problem is that as others have said, no package which is 10 minutes old should go into testing. Therefore packages in stable are going to have to depend on packages in unstable. This can only happen happily with pinning. Therefore I can't see any further problems. Example: snort exists in stable. Depends on package snort-definitions which *does not* exist in stable but only exists in unstable. Pinning thus allows the user to track stable as per normal, but for snort-definitions, it tracks unstable. If I've missed something obvious, please shout at me ;-) So now we need a list of packages that are going to need individual definition packages and to get going. I guess we really should have another package (security-updater?) that updates sources.list with the necessary information. Matthew -- Matthew Sackman Nottingham England BOFH Excuse Board: not properly grounded, please bury computer -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
