Security Response Team / EOL
Jesse Keating
jkeating at redhat.com
Fri Apr 28 20:23:41 UTC 2006
On Fri, 2006-04-28 at 13:43 +0200, Patrice Dumas wrote:
> Maybe, but in a project based on voluntary work from packagers,
> putting
> constraint on them is likely to decrease their reactivness, and in
> turn
> it will harm the users. Otherwise said, if the "no updates" policy has
> for consequence "Backporting is too much work, I won't bother for
> that
> EOL FE branch, let the security SIG do the backport if they want to",
> it
> is not a win for the user in my opinion.
Policy doesn't say you can't use a version upgrade to resolve a security
issue, as long as that is the motivation of the version upgrade.
Package updates/upgrades just for the sake of the update/upgrade is what
should be avoided.
--
Jesse Keating
Release Engineer: Fedora
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20060428/4790be06/attachment.sig>
More information about the fedora-extras-list
mailing list