Pedro Hernandez <[EMAIL PROTECTED]> writes: > --- Rus Foster <[EMAIL PROTECTED]> escribió: > On Thu, 22 Jan 2004, > Pedro > >> Debian stable aims for well, stability so the old packages are >> known to be secure and work. If you want newer versions have a look >> at things > Ok. I can buy that. How does things work with versions that are known > to have security issues? Postfix 1.11 as well as 1.12 are known to have > security "flaws", are the debian version patched for those but still > keep version 1.11?
In general, Debian prefers to port fixes to older versions rather than push a new release, with new unknown bugs, on to unsuspecting "stable" users. If you look at the package's Debian changelog (generally /usr/share/doc/packagename/changelog.Debian.gz), it should include backported security fixes. >> like apt-get.org and backports.org > Thanks, but secure and stable is what I am looking for right now, so > woody-stable might be the solution. (Within Debian there are also two other branches: "unstable" is the branch developers upload to directly and always has the most bleeding-edge software, sort of; after some time in unstable without a serious bug appearing, software automatically migrates from unstable to another branch, "testing". So in theory testing is the working parts of unstable from a couple of weeks ago. Starting with stable is definitely a good way to go, though.) -- David Maze [EMAIL PROTECTED] http://people.debian.org/~dmaze/ "Theoretical politics is interesting. Politicking should be illegal." -- Abra Mitchell -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]