sean finney on 19 Aug 2004 16:43:02 -0000
On Thu, Aug 19, 2004 at 12:06:05PM -0400, Jeff Abrahamson wrote:
> On Wed, Aug 18, 2004 at 04:40:06PM -0400, sean finney wrote:
> > i don't know what the story is with gnome, but istr a year or so back
> > a situation with kde where for a couple months it was uninstallable.
> > i wouldn't have noticed on my machines apart from the fact that i had
> > a bunch of packages held back (since it couldn't meet the dependencies,
> > it wouldn't upgrade them), but i had some friends who got burned pretty
> > badly by dist-upgrading and losing kde.
>
> Did you only upgrade rather than dist-upgrade?

typically i only upgrade, as dist-upgrade is what tries to bring in
(and resolve) the borken dependencies. once the list of held-back
packages breaks 3 digits or if i need a particular package version, i
do a dry run to see what it would do, and if there's no problems, i
give it a go.

> > this is why i usually recommend either a stable/testing mix (where a
> > small number of packages are selectively pulled in from testing, and
> > the remaining packages are still tracking security), or a testing/unstable
> > mix (where packages are pulled in from unstable on an as-needed basis).
>
> Assuming you'd upgrade daily or even notice the security alert that
> fast. Most people probably will hear about a security problem only a
> few days later.

within a few days the update has typically already made its way into
testing, and it would certainly be in sid.

i'd like to point out that this class of users is not for whom the
stable security infrastructure was designed. if you don't have
something like cron-apt regularly checking for updates, if you're not
subscribed to debian-security-announce, and you rely on updates via
the periodic "when you feel like it" method (or the "read about it on
slashdot" method), what exactly does stable's security infrastructure
get you?

sean
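The dry-run check described in the message above, as an added example that is not part of the original post: it reads the output of `apt-get -s dist-upgrade` and reports which packages would be removed and how many are kept back. The function names and the `SAMPLE` text (package names and versions included) are constructed for illustration.

```shell
#!/bin/sh
# Added example: vet an apt-get simulation before running the real dist-upgrade.
# SAMPLE is constructed text in the format printed by `apt-get -s dist-upgrade`.
SAMPLE='Reading package lists...
Building dependency tree...
The following packages will be REMOVED:
  kdebase kdelibs4
The following packages have been kept back:
  gnome-core libgtk2.0-0 nautilus
The following packages will be upgraded:
  libssl0.9.7 ssh
Remv kdebase [4:3.2.2-1]
Remv kdelibs4 [4:3.2.2-2]
Inst libssl0.9.7 [0.9.7d-4] (0.9.7d-5 Debian:testing)
Inst ssh [1:3.8p1-2] (1:3.8.1p1-8 Debian:testing)
Conf libssl0.9.7 (0.9.7d-5 Debian:testing)
Conf ssh (1:3.8.1p1-8 Debian:testing)'

# Print the packages a simulated run would remove, one per line (stdin = simulation).
removed_packages() {
    awk '$1 == "Remv" { print $2 }'
}

# Count the packages listed in the "kept back" block (indented continuation lines).
kept_back_count() {
    awk '/^The following packages have been kept back:/ { inblk = 1; next }
         inblk && /^  / { n += NF; next }
         { inblk = 0 }
         END { print n + 0 }'
}

# Succeed only when the simulation removes nothing.
safe_to_upgrade() {
    [ -z "$(removed_packages)" ]
}

# Real use (needs apt): apt-get -s dist-upgrade | removed_packages
echo "kept back: $(printf '%s\n' "$SAMPLE" | kept_back_count)"
if printf '%s\n' "$SAMPLE" | safe_to_upgrade; then
    echo "no removals in the simulation"
else
    echo "would remove: $(printf '%s\n' "$SAMPLE" | removed_packages | tr '\n' ' ')"
fi
```

On the constructed sample this flags the two KDE packages, which is the kind of loss a blind dist-upgrade would have caused.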