Chris Ruvolo wrote: > If a package is in the testing distribution and a security update is issued > that effects stable, testing and unstable, how long before the testing > package is updated? Does it have to go through the full process of > maturation to make it to testing from unstable?
Packages can be expidited into testing if the maintainer uploads them with a high urgency field set. I suppose that dependancies could still keep them out though. > How about if the package in stable is not effected (i.e. only testing and > unstable are vulnerable)? Would there be any notification on the > security-announce list? Often not. > Would the updated packed be backported or otherwise > pushed into testing? How soon? Good question. I suppose that if dependancies keep them out of testing, this could be a problem. > Would you recommend keeping a line in /etc/apt/sources.list for the security > server's stable collection if the box is running on testing or unstable > packages? Yes, it's a good idea because you may pick up updates from there before they hit unstable/testing. -- see shy jo
