[kwlug-disc] security update frequency
Hubert Chathi
hubert at uhoreg.ca
Fri Apr 8 22:15:25 EDT 2022
On Fri, 8 Apr 2022 14:44:08 -0400, Chris Frey <cdfrey at foursquare.net> said:
> On Fri, Apr 08, 2022 at 11:05:09AM -0400, Khalid Baheyeldin wrote:
>> Perhaps Debian backports fixes rather than issuing new releases, and
>> that causes many fixes?
> Debian tends to follow whatever the "LTS" equivalent version is for
> the browser. So Debian Bullseye is on chromium 100, while chromium
> 102 appears to be the latest version. But these updates come from
> upstream, not Debian, as I understand it, so it shouldn't be Debian
> specific.
It depends on the software. The normal Debian practice is that Debian
stable gets whatever version of the software was current when the Debian
release gets frozen. Some times, maintainers will choose to go with an
"LTS" or similar version, if such a version exists. Usually, security
fixes generally get backported, either by Debian or by the upstream
developers.
However, in some cases, the security fixes are too complicated to be
backported. In such cases, the security update for those packages will
consist of a whole new upstream release, rather than patches to an old
release. This is the case for Chromium, and a few other packages such
as LibreOffice.
More information about the kwlug-disc
mailing list