[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnumed-devel] Re: reborn

From: J Busser
Subject: [Gnumed-devel] Re: reborn
Date: Mon, 29 Nov 2004 10:04:34 -0800

At 7:19 AM +0100 11/29/04, Andreas Tille wrote:
  b) Just building a Debian package does not make software secure
     by default.

You'll hopefully excuse any ignorance, I (maybe) misinterpreted from a prior email that packaging within debian would bring with it some orderliness that enhances/assists security i.e. that advantages to a debian package include *some* security benefits (even if only indirect), maybe that is wrong

  c) A good sign for having people who care for the security of a package
     is only if a package belongs to the Debian *stable* distribution. The
     unstable distribution is no target of the Debian security team (which
     does not mean that single maintainers wouldn't care for the security
     of their packages in unstable - but there is just no guarantee).

I suppose there may be no guarantee wither way, it is just that the debian security team *commits/tries* to be responsible, and responsive, to security issues for the packages that are in stable...

Does this also mean that a medical practice, using real patient data to provide real care, should always stick with "stable" --- or perhaps --- that if the practice moves up to "testing", they need some confidence that security issues for the kernel, and for any packages *used by that practice*, will be closely and actively watched/managed, by people *other than* the debian security team?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]