On 5/9/07, Hans Hagen <pragma at wxs.nl> wrote:

> Dr. Werner Fink wrote:
> > Updates within an old distribution are nogoes for distributors. This
> > because you can not destroy certifications and tested states of an
> > existing product by getting unkown side effects with new binaries
> > in an existing package.  The way to go is to fix the security issue
> > and provide an update with a binary patch on the existing package.
> > Our QA would never accept a full update to an new version of texlive
> > on an old product line without a real BETA testing session.
> >
> sure, but i'm not talking of a massive update, just the self contained
> pdftex binary, which is one file
> normally pdftex is downward compatible (esp when kpse in linked in as
> well) so if should work with older distributions

While this might be true for pdftex, it isn't going to convince distributors
to change their policies.  Distributors don't distinguish between programs
where bugs are generally easy to spot (badly formatted document) and
those where bugs are harder to spot and could have serious consequences.

Testing a security patch on a library has to be done anyway, and is usually
a relatively simple, self-contained, task.  [Not always -- the recent
addition of
sanity checks to libX11 revealed bugs in code that has been used for
some very critical tasks including medical imaging and weather prediction
for over a decade.]

Testing an application is open-ended.   If there is a problem after a
library is
patched, debugging is easier because you know exactly what changed.

TeX Live needs to accommodate the needs of distributors so it can be the
successor to teTeX.  Standards for robustness and reliability are higher today
because you have more systems where TeX is used as part of the build process
for complex systems where the coders may never actually use TeX directly.

