I just wanted to post this for consideration. I’m not looking to rehash old
posts, but Devuan is at the moment finding its legs. I feel that this is a
valid concern that may arise in Devuan’s future. I think it should be
discussed openly.
http://threatpost.com/debian-announces-end-of-security-support-for-iceape/103203
Assuming that we follow upstream Debian “en masse”, do we have the resources
to for vetting every upstream package that Debian provides or are we going to
simply take them on faith and try to keep sync with Debian’s patches?
I’ve often advocated the idea that Devuan should focus on a “core” and leave
the rest of Debian to interested parties willing to maintain it. Regardless of
the outcome of that discussion, the update and security model should be visited
at some point.
_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
