Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.devel.testing > #1207

Re: Current bullseye security and stability

From MichaIng <micha@dietpi.com>
Newsgroups linux.debian.devel.testing
Subject Re: Current bullseye security and stability
Date 2021-01-16 21:20 +0100
Message-ID <By0db-6Rd-1@gated-at.bofh.it> (permalink)
References <BxbaG-YY-11@gated-at.bofh.it> <BxbNo-1q7-19@gated-at.bofh.it> <Bxcq6-1Um-9@gated-at.bofh.it> <BxWsV-4D0-1@gated-at.bofh.it>
Organization linux.* mail to news gateway

Show all headers | View raw

 > So you recommend avoiding sid even for specific package minor-version
 > upgrades with security fixes?
 >
 > The Debian wiki says otherwise.  See
 > https://wiki.debian.org/DebianTesting#Best_practices_for_Testing_users
 >
 > I currently follow the Debian wiki advice.  I carefully monitor the list
 > of installed packages from unstable, to avoid unintended upgrades.

Hi Jorge,

the way you explain how you use it, especially carefully reviewing the 
upgrade list, and are okay with the chance to run into bugs with the 
implementation, it should be fine, but I would never recommend it to a 
"regular" user, not knowing the experience level.

Read the notes at the top about which requirements need to be fulfilled 
before a package is merged from "unstable" to "testing":
- The package has been in "unstable" at least for 2-10 days (depending 
on the urgency of the upload).
- The package has been built for all the architectures which the present 
version in testing was built for.
- Installing the package into testing will not make the distribution 
more uninstallable.
- The package does not introduce new release critical bugs.

The other way round, the above points are not guaranteed for "unstable" 
and usually critical security fixes are available in testing a couple of 
days later, which should outweigh the possible chance for a major 
security issue introduced with a package from unstable due to a 
non-reviewed/tested implementation change for example.

When using testing only, APT upgrades can be applied without issues 
(dist/full-upgrade still needs to be reviewed of course due to possibly 
changing major versions) and a minimum of test and review is guaranteed, 
which IMO is worth it to wait for.

But it all depends on the use-case and personal preference, of course. 
And, if you do report bugs back to the package maintainers, you can help 
making testing->stable better for other users, so it's actually great if 
more (experienced) users use "unstable", but it's just not what I would 
recommend to a "regular" user ;).

Kind regards,

Micha

Back to linux.debian.devel.testing | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

Current bullseye security and stability "Jorge P. de Morais Neto" <jorge+list@disroot.org> - 2021-01-14 14:50 +0100
  Re: Current bullseye security and stability ldavila@syt.net - 2021-01-14 15:30 +0100
    Re: Current bullseye security and stability MichaIng <micha@dietpi.com> - 2021-01-14 16:10 +0100
      Re: Current bullseye security and stability Jorge P. de Morais Neto <jorge+list@disroot.org> - 2021-01-16 17:20 +0100
        Re: Current bullseye security and stability MichaIng <micha@dietpi.com> - 2021-01-16 21:20 +0100
          Re: Current bullseye security and stability Jorge P. de Morais Neto <jorge+list@disroot.org> - 2021-01-17 00:00 +0100

csiph-web