Certbot and stretch-backports


#1

Hi

Could someone maybe answer this simple question: Why is certbot using the stretch-backports?

For my understanding: backport includes not only stretch stable releases but also development releases. Is that somehow correct?

Thank you and cheers,
Jan


#2

certbot is available in the stretch release also. It’s just a newer version is available in backports.

I believe the certbot website recommends the backports version because it works much better in light of the recent TLS-SNI vulnerability. Older versions require some extra flags to work properly in many cases.

Backports includes only packages considered stable enough for the next Debian release. It shouldn’t contain development releases of any software.

Updates from the backports policy only violate the Debian stability promise of not changing certain things within releases; they are not “unstable” in the broken or crashing sense.


#3

Cool! Thank you for the reply and explanations… :slight_smile:


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.