On 10.02.2014 20:43, David Christensen wrote: [...] > I fail to understand why solutions to bugs, and especially solutions to > security issues, are being withheld from the "stable" release of Debian > GNU/Linux. Such a practical is harmful to users, and will rightfully > convince them to stop using Debian. > > > Please clarify your response with respect to the Debian update policy > (https://release.debian.org/): > > Suite update policy > > stable > Fast response for security updates. Minor updates include > security and other important fixes only. Major updates are sourced > from testing, and are infrequent, but large. > > > Given the above, I would expect updates for the two identified security > issues, at least. The saved scenario bug I encountered seems neither > "important" nor "major", so I am unclear as to when it would be > incorporated into an update. >
David, the security issues are completely unrelated to your bug report and my reply to you only highlighted three options how you could upgrade to a more recent version of freeciv. This bug does not qualify for a stable update because it is simply not important enough. Such issues can be fixed in stable-backports but this is not mandatory. Uploads to stable-backports happen upon request by users, if there is a need and a human maintainer who is interested in doing the work. It is simply not doable to backport every bug fix to Debian stable because there is a far greater danger of regressions and also a lack of manpower to keep 40000 binary packages in a stable condition. Stable means rock solid and reliable and free of release critical bugs, but it does not imply that stable is bug-free. Regarding the security issues the security team decided that they are not critical. Nevertheless I intend to ask Debian's release team to include the fixes in the next point release. Markus
signature.asc
Description: OpenPGP digital signature
