[Mageia-sysadm] Question about Sympa
Michael Scherer
misc at zarb.org
Wed Nov 10 02:15:22 CET 2010
Le mardi 09 novembre 2010 à 14:56 +0000, Colin Guthrie a écrit :
> 'Twas brillig, and Olivier Thauvin at 09/11/10 00:41 did gyre and gimble:
> > * Dexter Morgan (dmorganec at gmail.com) wrote:
> >> Hello,
> >>
> >> in alamut we have sympa 6.0.2, the last version is 6.1.x and contains
> >> in its changelog "WE STRONGLY SUGGEST YOU TO UPGRADE ANY PREVIOUS
> >> VERSION TO 6.1.1"
> >> There is a lot of changes and they looks interesting (
> >> http://www.sympa.org/distribution/latest-stable/NEWS ).
> >>
> >> What do you think about this ? do we only update our sympa to last
> >> 6.0.x version or do we switch to sympa 6.1.x ?
> >
> > I don't have a rule that work all the time about this.
> >
> > The main question is "what would we update and what is the cost ?".
> >
> > By cost understand: the time to backport it, the problem this new
> > version can cause and will we be affected by potentials bug fixed by
> > this version.
> >
> > In doubt, do nothing, it will still be time to upgrade later.
>
> So those CSS, CSRF, brute force and DoS attack vectors the changelog
> mentions are nothing to worry about then?
Then we need to issue a security update I guess.
--
Michael Scherer
More information about the Mageia-sysadm
mailing list