[Server-devel] Debian LTS Clarification & UbuCon @ SCaLE March 1-2 (free)

Adam Holt holt at laptop.org
Mon Feb 20 09:19:06 EST 2017 

Many thanks James.  Speaking of LTS-like rubber meeting the road, Raspbian
Pixel isn't exactly Debian but it has suddenly upgraded chromium-browser in
recent days from Chromium 51 to 56.0.2924.84-0ubuntu0.14.04.1.1000 for
those who run:

   apt-get update
   apt-get upgrade

(To remove all cruft for testing purposes, I happen to also run...)

   apt-get autoclean
   apt-get autoremove

Amazingly this new Chromium 56 browser cannot load most Google-related web
sites such as:

   https://google.com
   https://gmail.com
   https://youtube.com
   https://plus.google.com
   https://hangouts.google.com

Other web sites load normally.  If anybody has suggestions, the error is:

   ERR_SSL_PROTOCOL_ERROR

Looks like Raspbian's QA process overlooked this issue, that will render
the browser useless for many people.  Everyone makes mistakes.  Raspbian
forums have not responded to this bug (insofar as I can tell?) so perhaps
we just need to wait:

   https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=174870

On Sun, Feb 19, 2017 at 11:50 PM, James Cameron <quozl at laptop.org> wrote:

> On Sat, Feb 18, 2017 at 03:58:26PM -0500, Adam Holt wrote:
> > Thanks to Alex Perez:
> >
> > "The Debian project is extending its famous development process to offer
> > long-term support."
> > http://www.linux-magazine.com/Issues/2017/194/Debian-LTS
> >
> > I'm having trouble understanding if this is really different from
> > the promises made in very recent years,
>
> Which promises are they?  My guess is that you don't actually need to
> compare promises in detail.
>
> > but hopefully experts can clarify how the rubber's increasingly
> > meeting the road, delivering on these proactive security promises :)
>
> Probably you mean "how to use LTS?"
>
> 1.  recognise that long-term support is mostly security updates which
> close vulnerabilities that are detected after release,
>
> 2.  set up and test the automated installation of the security updates
> (using http://security.debian.org/ in sources.list); if network
> bandwidth for updates is a problem, avoid deploying certain large
> packages, set large packages to hold using dpkg, switch to using
> ostree, delta packages, or use other tricks,
>
> 3.  make a list of packages for which you need long-term support; such
> as the list of packages in your product, (sudo dpkg-query -W),
>
> 4.  subtract from the list any that the Debian release notes
> specifically exclude; such as WebKit or VirtualBox; and figure out how
> to self-support those packages,
>
> 5.  the remaining packages are long-term supported; so ensure the
> debian-security-support package is installed and is configured to
> inform the user somehow.
>
> --
> James Cameron
> http://quozl.netrek.org/
> _______________________________________________
> Server-devel mailing list
> Server-devel at lists.laptop.org
> http://lists.laptop.org/listinfo/server-devel
>
> --
> Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org !
> <http://lists.laptop.org/listinfo/server-devel>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/server-devel/attachments/20170220/832a7142/attachment.html>

More information about the Server-devel mailing list