[csw-users] security updates on the stable branch?

Pub cra pub.cra at gmail.com
Thu Apr 20 19:29:16 CEST 2006


On 4/19/06, James Lee <james at blastwave.org> wrote:

> Not sure what you mean, if there was a problem with apache or openssh,
> then yes, their packages would be updated and added.  All packages in
> stable would be QA checked as a set and a mid-term stable release takes
> place.
>
>

Sorry, I'm was thinking of the debian style of security updates when I
posed the question: the update (patching/upgrade, QA and release
happens by package and not by release.
So by example when an apache vulnerability is found, only *that*
package is patched and re-released inmediately. So between releases
you have lots of updates.

Blastwaves seems to work diffently if I read your mail correctly. You
correct a collection of bugs on several packages and release a
"release" (on timely basis, but with mid-term releases if necessary).
Advantage is less breakage, disavantage is that it's *possible * that
you'll be running vulnerable software for weeks or months (until the
next mid-term stable release).

Please do not read my mail as a critic, as I really do appreciate your
work. I just need to evaluate things correctly before taking a
decision to move a serverpark from sunfreeware/self-compile to
blastwave.

C.



More information about the users mailing list