Security Response Team / EOL
Axel Thimm
Axel.Thimm at ATrpms.net
Sat Apr 29 16:02:25 UTC 2006
On Sat, Apr 29, 2006 at 11:54:27AM -0400, Jesse Keating wrote:
> On Sat, 2006-04-29 at 17:42 +0200, Axel Thimm wrote:
> > I think we're arguing on the same side. We all want to look
> > forward with our packaging. And freezing upgrades on legacy
> > releases will only make packagers spend more time with old stuff
> > (backporting security fixes) that will then be missed with ongoing
> > stuff. Even in the ideal situation of 2 current and 2 legacy
> > releases you end up maintaining 3 versions of a package. And right
> > now we are still far from 2 legacy releases (we're at 5).
>
> Ok, here's the source of our problem. You've assumed that security
> fixes have to be backported. Nowhere is this / should this be said.
Well, it was suggested on this thread and wasn't outruled (yet).
> I'm perfectly fine with doing package UPgrades to fix a security
> issue. I just don't want to see upgrades just for the sake of
> upgrades. Upgrades should happen only to resolve a security issue.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20060429/cd0787ba/attachment.sig>
More information about the fedora-extras-list
mailing list