Fedora products, to upgrade rather than backport?
Michal Jaegermann
michal at harddata.com
Mon May 15 20:07:47 UTC 2006
On Mon, May 15, 2006 at 02:29:03PM -0500, Eric Rostetter wrote:
>
> Depends on what transparent means. If you want to be transparent in the
> sense of not breaking people's working machines, then no, you should
> backport.
When people intimately familiar with a given code, because they
authored it, do not even attempt to provide security patches for
older versions as internals were completely re-written and it is
not even clear how to patch old holes, you expect that a small
group of volunteers will do a deep analysis and come quickly with
correct and safe patches for whatever? Such request is not even
funny.
In case you wonder the above was exactly the case with relatively
recent updates to sendmail and is normally the case with mozilla
(try to peek into that code and you will see why).
What is more such "leaf" applications, as opposed to deeply
intertwined libraries, are not a real problem - packaging hiccups
notwithstanding. On one occasion I was replacing sendmail with a
current version on a system with a provenience susbtantially earlier
than whatever is supported by Legacy. It was not an issue. True,
compile options had to be adjusted to what was available and a
symlink or two was needed, and one had to be mildly careful with a
configuration, but no real "show stoppers".
Not mentioning, of course, that if you know proven patches to old
versions then you should not sit on that information.
Michal
More information about the fedora-legacy-list
mailing list