[rt-users] RT 3 and Debian :-)

Florian Weimer fw at deneb.enyo.de
Tue Jun 1 04:39:01 EDT 2004


* Marc Haber:

>> I've just been through this. Sid broke twice in one week, and currently
>> remains broken.
>
> I cannot confirm this. My sid systems are alive and kicking.

There was some mod_perl breakage recently, and if you're running RT3
on top of Perl, this can be quite painful.

> I have to disagree on that. priority high only shortens the wait
> period. If a package's dependencies cannot be satisfied in sarge, the
> package doesn't migrate to sarge even if the waiting period is over.
> That way, a security update can be held from migrating to sarge for
> weeks or even months.

This is correct, that's why you have to become familiar with the build
process of the most important packages you use.  Train using dpatch
and friends in advance, so that you can create your own security
update if necessary.  Subscribe to the package tracking system for
your important packages.  Follow the upstream announcement mailing
lists for those packages (sarge/sid vulnerabilities are not
necessarily announced by Debian).

And, what's probably most annoying: regularly update to the most
current sarge or unstable version.  This can be disruptive, and you
don't want to add this to the usual troubles of a security upgrade.

-- 
Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: bigpond.com, di-ve.com, fuorissimo.com, hotmail.com,
jumpy.it, libero.it, netscape.net, postino.it, simplesnet.pt, spymac.com,
tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr, yahoo.com.



More information about the rt-users mailing list