danimoth <[email protected]> writes: > On 19/02/13 at 11:48am, Lee Fisher wrote: >> I'd suggest one that is fully-controlled by the community, like >> Debian, or another one of your preference. >> > > Anywhere in the world I won't use Debian, because of the fact that > packages shipped are modified and patched a lot. That means other people > (packagers) are doing the job of developers, and like all people that > doesn't do their job, sometimes errors happen (do you remember the > PRNG?).
Developers never made a mistake leading to a security problem, so Debian's one mistake in 2006 should be forever trotted out as an example of how Debian sucks, good point. Sorry, but this distinction between Developers doesn't make sense, many Debian *Developers* are developers themselves, often upstream to the packages that they are shipping. > We (as users) should require vanilla packages, or at least patched with > patches from official developers (e.g. we have 1.2.0 bugged, meanwhile > 1.2.1 is out we should have 1.2.0 patched). You are free to do that, but please let us know how that goes. My experience is that your hardline requirement is not realistic. micah -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
