On Sun, Jan 14, 2007 at 02:03:57PM +0100, Michael Prokop wrote: > * Marc Haber <[EMAIL PROTECTED]> [20070113 14:15]: > > On Mon, Jan 08, 2007 at 06:01:31PM -0700, s. keeling wrote: > > [Debian Testing] > > > That's also the best place for a newbie to be. > > > I disagree with that. Testing might be broken once upon a time, and > > when you're not able to fix this you don not belong on Testing. > > Especially as Debian testing does not get real security-support. :( > That's not really relevant for workstations for me, but straight > before a new stable release is available that's an important point - > at least for me.
There is some kind of Security Support for Debian testing, by means of the testing security team. Unfortunately, they're missing a lot of the transparency I'd like to see from a security team, but that's nothing new for Debian. I plan to blog about this in the near future once I find the time. Unfortunately, even stable security support has been somewhat deteriorating since the sarge release, I hate to say. Especially in the past few months, in more than one case a security fix has reached testing by means of a normal unstable maintainer upload and normal testing migration before the stable security team issued the fix for stable. In theory, stable security could be much faster than a maintainer upload since the stable security team has access to embargoed vulnerability reports, which the normal maintainer does not have. This is all quite disappointing :-( > > Stable is the best place for a newbie to be. > > "If it works" (the "brand new hardware problem") Yes, Debian needs to address this. > and if the newbie does not need support from upstream (see my other > mail for more details). This is an issue, yes. > > > Helping to test testing helps Debian produce sable. > > > Yes, but bug reports from newbies are seldomly useful. Which is no > > offense to the newbie; isolating and reporting bugs is a form of art. > > Yes, at least regarding bug reports for package maintainers. ;) But > newbies can often locate problems in software because they lack > developer's "business blindness" (Betriebsblindheit). At least > isolating bugs is usually possible even with newbies, especially if > they have support on their side (instant messaging, irc,...). If you have a quick means of communications, things can work, but debugging via E-Mail with a newbie is a useless waste of time. > > > That said, Debian's unstable is more stable than many distros' > > > stable release. > > > Disagreed here. Especially in the period right after a stable release, > > unstable's breakages can be horrible. > > The package freeze for Debian etch took place a few weeks ago. The > unstable pool is "moving [nearly] as usual" NACK. We did not have any library transitions for months, and new upstream versions are being withheld. > and I don't notice any serious problems - and don't really expect to > find any when etch is out. :) I remember the PAM breakage where login to an unstable system became impossible. Without grml, I would have been in serious trouble back then. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 _______________________________________________ Grml mailing list - [email protected] http://lists.mur.at/mailman/listinfo/grml join #grml on irc.freenode.org grml-devel-blog: http://grml.supersized.org/
