[Mageia-dev] Proposal for backport process and policy
blind Pete
0123peter at gmail.com
Tue Jul 26 07:56:36 CEST 2011
on Tue, 26 Jul 2011 08:34
in the Usenet newsgroup gmane.linux.mageia.devel
Samuel Verschelde wrote:
[snip]
> *** Old backports ***
> Remove old backports when newer ones are submitted
> - otherwise we let people use old bugged or plagged with security issues
> packages, when they don't necessarily know that there are problems with them
> - simpler choice : users have to choose between the version in updates and the
> one in backports, not more
> - less space on mirrors (fear wesnoth and vegastrike multiple backports !)
>
> Thank you for reading.
>
> Best regards,
>
> Samuel Verschelde
It is theoretically possible that there could be multiple versions with
bug fixes and feature enhancements with no known security problems in any
of them. FireFox appears to be almost going down that path. I think
that FF 5 is just FF 4.0.3 with a silly name - please correct me if I am
wrong - and 5 should obsolete 4. But I can imagine several versions
existing during the life of a LTS release.
The deletion criteria should be, "there is a vulnerability that that is
not going to be fixed". That is usually, but not always the same as,
"there is a new version".
Is it possible that a feature enhanced version could be a suggested
update until a security hole is discovered in the old version, then
the new version becomes an update?
If you make an administrative decision that five versions of FF is
too many I won't complain.
More information about the Mageia-dev
mailing list