[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20140416162417.GA2707@pisco.westfalen.local>
Date: Wed, 16 Apr 2014 18:24:18 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2907-1 security@...ian.org
http://www.debian.org/security/ Moritz Muehlenhoff
April 16, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
This is an advance notice that regular security support for Debian
GNU/Linux 6.0 (code name "squeeze") will be terminated on the 31st of
May.
However, we're happy to announce that security support for squeeze is
going to be extended until February 2016, i.e. five years after the
initial release. This effort is driven by various interested parties /
companies which require longer security support. See the "LTS" section
of https://lists.debian.org/debian-devel-announce/2014/03/msg00004.html
for the initial announcement.
The details are currently being sorted out and a more detailed
announcement will be made soon.
Brief advance FAQ (but you should really wait for the more detailed
announcement):
Q: What's the difference between regular security support and the LTS
support?
A: squeeze-lts is only going to support i386 and amd64. If you're
running a different architecture you need to upgrade to Debian 7
(wheezy). Also there are going to be a few packages which will not
be supported in squeeze-lts (e.g. a few web-based applications
which cannot be supported for five years). There will be a tool to
detect such unsupported packages.
Q: Does this mean that Debian 7 (wheezy) and/or Debian 8 (jessie) will
have five years security support as well?
A: Likely, we'll see how squeeze-lts turns out. If there's sufficient
support it will be continued for later releases as well. Also, see
below.
Q: Is additional help needed?
A: Absolutely. squeeze-lts is not handled by the Debian security team,
but by a separate group of volunteers and companies interested in
making it a success (with some overlap in people involved). So, if
you're a company using Debian and seeing a benefit in security
support for five years, get in touch with team@...urity.debian.org
and we'll see how you can help (if you e.g. don't have the manpower /
know how but are willing to contribute, we can point you to a list
of Debian consultants)
Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJTTq40AAoJEBDCk7bDfE42irUP/07ESI2s3WobVwt6CWtLxgac
HdM11boSnqDJgoG6IV4hoOWgmeUluxQu+VH/e55k6etWN8tC4rYBgkDsOfRBLros
9S9XesreaJ7rS4RbGZSRwCqVMNPpMBCHcBIFchwMcSwjcVyBeNrfcfm6blBVkpY2
2t6ml6ar3au9mAS1WqhktAKfQY9YlrvXPnzNL2/fkW6U6hCPeqOPOa4glm0ZbXgA
qkkOZZ52anaz70FA5ZWsCnpktz8mwrnfKuoH3gDmLTo6cnuWBH0ZxB3kvKAnY9rn
2QWE0EUBYi/ch26E8RkQ4W8xHC+KTMdVnfsKyd8ggHBdaQBuQwSuqxCT75KLhjOd
9WWzlnI4UK0Q4M3SYoOqTtwC7ImBeIamDZ+bhOapDjzfA6Z1RovqZ2q5DkpxMStf
L95paG8lbgvggBZ6X+1hTBNxbhae4DLLsrXjCBSqk1DtiiWL/ukAsAKCJ6ufzX8f
2fTYBilb6o51wQTp+0fUuTRJkBv/jgp/PlaWLOaPDmlqFxmYTRr0HrLjaDuj4J7s
F8m6AS9Nw3lEzYo5g65xg0/xvq5hBa/A6zM+x7cn/21llOmPvY5VbWlcO5ywAYh7
151een6x4tWTSd7bLdvrxCiQWSYNnUnfFJcJz3v7kqPtRq4GnLyKzvpNtaOjzrx8
1OawvgPyZEqBBsb0sw11
=OwPu
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists