摩托學園討論區

[nxu]

其實之前就想問了 @@

為啥Unstable(SID)沒有安全性更新啊？
(http://security.debian.org 上找不到 囧？)

個人猜是不是因為，只要發現程式有Bug，有洞，就直接把APT server上的該檔，給換成修正後的檔案，所以安全新更新的義意就不是那麼大了，所以沒用？

這樣？
還是事情不是像笨蛋想的那樣？

[nxu]

Please note that security updates for "unstable" distribution are not managed by the security team. Hence, "unstable" does not get security updates in a timely manner. For more information please see the Security Team's FAQ

可是有 Testing Security Team 囧？
那有沒有 Unstable Security Team ？(Google上沒找到 囧rz)

[kanru]

Q: How is security handled for testing and unstable?

A: The short answer is: it's not. Testing and unstable are rapidly moving targets and the security team does not have the resources needed to properly support those. If you want to have a secure (and stable) server you are strongly encouraged to stay with stable. However, work is in progress to change this, with the formation of a testing security team which has begun work to offer security support for testing, and to some extent, for unstable.

Q: How does testing get security updates?

A: Security updates will migrate into the testing distribution via unstable. They are usually uploaded with their priority set to high, which will reduce the quarantine time to two days. After this period, the packages will migrate into testing automatically, given that they are built for all architectures and their dependencies are fulfilled in testing.

The testing security team also makes security fixes available in their repository when the normal migration process is not fast enough.

[訪客]

試想想為何 debian 的管理人稱這分支為 "unstable" 吧