Jason Martens
2007-May-15 13:11 UTC
[Secure-testing-team] Does Lenny have secure testing support?
I was updating the "Status/Testing" debian wiki page, and I was wondering if Lenny has security support at this point. If you let me know, I''ll update the page, or you can go do it (1)yourself. 1. http://wiki.debian.org/Status/Testing Jason Martens
Stefan Fritsch
2007-May-18 17:03 UTC
[Secure-testing-team] Does Lenny have secure testing support?
Hi Jason, sorry for the late answer. On Tuesday 15 May 2007, Jason Martens wrote:> I was updating the "Status/Testing" debian wiki page, and I was > wondering if Lenny has security support at this point. If you let > me know, I''ll update the page, or you can go do it (1)yourself. > > 1. http://wiki.debian.org/Status/TestingUnfortunately, there is currently no working security support for testing, because 1) there are some problems with the build infrastructure for testing-security uploads 2) the new glibc in unstable is preventing most packages from propagating to testing in the normal way Users of testing are advised to check which vulnerabilities affect them with the debsecan package or with the security tracker webpage [1]. In cases where lenny has not deviated from etch yet, it is possible to manually install packages from stable-security, e.g. for clamav and samba. I hope that 1) will be fixed soon. Cheers, Stefan [1] http://security-tracker.debian.net/tracker/status/release/testing -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070518/5e09102d/attachment.pgp
Jason Martens
2007-Jun-08 14:29 UTC
[Secure-testing-team] Does Lenny have secure testing support?
On Fri, 2007-05-18 at 19:03 +0200, Stefan Fritsch wrote:> Hi Jason, > > sorry for the late answer. > > On Tuesday 15 May 2007, Jason Martens wrote: > > I was updating the "Status/Testing" debian wiki page, and I was > > wondering if Lenny has security support at this point. If you let > > me know, I''ll update the page, or you can go do it (1)yourself. > > > > 1. http://wiki.debian.org/Status/Testing > > Unfortunately, there is currently no working security support for > testing, because > > 1) there are some problems with the build infrastructure for > testing-security uploads >Has this issue been resolved yet?> 2) the new glibc in unstable is preventing most packages from > propagating to testing in the normal wayI know glibc made it to testing, so with this issue out of the way are secure packages now available? Thanks, Jason Martens
Stefan Fritsch
2007-Jun-12 21:56 UTC
[Secure-testing-team] Does Lenny have secure testing support?
Hi Jason, I forgot about the wiki page :-(, but I have now updated it. On Freitag, 8. Juni 2007, Jason Martens wrote:> > 1) there are some problems with the build infrastructure for > > testing-security uploads > > Has this issue been resolved yet?I think so. Most build daemons were fixed in the second half of May (all except alpha, powerpc, and mipsel). There have been a number of security updates, too. Alpha, powerpc, and mipsel seem to have been fixed in the last two days.> > 2) the new glibc in unstable is preventing most packages from > > propagating to testing in the normal way > > I know glibc made it to testing, so with this issue out of the way > are secure packages now available?Yes, glibc migrated, which helped a lot. All in all the security of lenny is now much better than one month ago. However, security support for lenny is not of the same quality as for stable. We will try to find an appropriate definition at DebConf next week. Cheers, Stefan -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070612/f5812a1d/attachment.pgp