[Pkg-ia32-libs-maintainers] ia32-lib plans and security support for same
Florian Weimer
fw at deneb.enyo.de
Tue Apr 29 21:13:47 UTC 2008
* Goswin von Brederlow:
> Joerg Jaspert <ftpmaster at debian.org> writes:
>
>> - The included complete copy of the source *and* the existing i386
>> binary is something that is really bad. Yes, we get in trouble if we
>> don't include the source for packages on the archive, but it is still
>> a *very* strong point against this packaging scheme.
>> We (as in ftp-team), but even more the security team are against
>> them.
I think from a security support POV, we can get away with it if the
.debs are not actually built from the included source code.
> I hope you feel that this will simplify matters not just for us but
> also for you and will allow this package split continue.
I simply lack the necessary network bandwidth to keep the current
ia32-libs updated. But for someone with good connectivity, it should be
relatively straightforward to build periodic roll-up packages. We
should figure out why this hasn't happened. The fundamental problem
probably lies somewhere else.
(Note that you need to deal with security updates *and*
stable-proposed-updates, BTW.)
And what about downloader that build .debs locally, from the i386 .debs?
Has this approach been considered? This would sidestep the issue of
up-to-dateness.
More information about the Pkg-ia32-libs-maintainers
mailing list