On Wed, Aug 29, 2001 at 10:20:05AM -0700, Karsten M. Self wrote: > on Wed, Aug 29, 2001 at 11:36:25AM -0500, Dave Sherohman > ([EMAIL PROTECTED]) wrote: > > On Wed, Aug 29, 2001 at 12:15:52PM -0400, > > [EMAIL PROTECTED] wrote: > > > Are unstable (sid) security patches posted in the > > > main repository (US for me) or in security? In other words, do I need to > > > track the "security" site in unstable (sid)? > > > > No. Security patches are applied directly to the main sid archive. > > Disagreed. > > Given different procedures for updating Sid and Security sites, one or > the other may be more current. > > I keep my Sid sources.list pointing at stable, unstable, and security. > I pull the most recent package(s) from whichever source is most up to > date. There is no conflict, and a (theoretical) slight advantage.
I doubt that you actually get anything from security very often; perhaps you would when a package hasn't been updated since stable, then has a security update in stable, then takes a while for the maintainer to get round to applying the same security update to unstable. (This has been known, but for fairly obvious reasons it's a bug for a package to be newer in stable than in unstable.) security.debian.org consists of security updates to stable that have been checked and had advisories issued by the security team. There is a sid/updates tree, but all the packages there date from 1999, so it's not the same sid we're talking about here and tracking that is probably rather pointless. -- Colin Watson [EMAIL PROTECTED]
