Security Response Team / EOL

Jesse Keating jkeating at
Sat Apr 29 15:54:27 UTC 2006

On Sat, 2006-04-29 at 17:42 +0200, Axel Thimm wrote:
> I think we're arguing on the same side. We all want to look forward
> with our packaging. And freezing upgrades on legacy releases will only
> make packagers spend more time with old stuff (backporting security
> fixes) that will then be missed with ongoing stuff. Even in the ideal
> situation of 2 current and 2 legacy releases you end up maintaining 3
> versions of a package. And right now we are still far from 2 legacy
> releases (we're at 5). 

Ok, here's the source of our problem.  You've assumed that security
fixes have to be backported.  Nowhere is this / should this be said.
I'm perfectly fine with doing package UPgrades to fix a security issue.
I just don't want to see upgrades just for the sake of upgrades.
Upgrades should happen only to resolve a security issue.

Jesse Keating
Release Engineer: Fedora
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the fedora-extras-list mailing list