[Mageia-dev] Proposal for backport process and policy

blind Pete 0123peter at gmail.com
Tue Jul 26 07:56:36 CEST 2011


on Tue, 26 Jul 2011 08:34
in the Usenet newsgroup gmane.linux.mageia.devel
Samuel Verschelde wrote:

[snip]
> *** Old backports ***  
> Remove old backports when newer ones are submitted
> - otherwise we let people use old bugged or plagged with security issues 
> packages, when they don't necessarily know that there are problems with them
> - simpler choice : users have to choose between the version in updates and the 
> one in backports, not more
> - less space on mirrors (fear wesnoth and vegastrike multiple backports !)
> 
> Thank you for reading.
> 
>  Best regards,
> 
> Samuel Verschelde

It is theoretically possible that there could be multiple versions with 
bug fixes and feature enhancements with no known security problems in any 
of them.  FireFox appears to be almost going down that path.  I think 
that FF 5 is just FF 4.0.3 with a silly name - please correct me if I am 
wrong - and 5 should obsolete 4.  But I can imagine several versions 
existing during the life of a LTS release.  

The deletion criteria should be, "there is a vulnerability that that is 
not going to be fixed".  That is usually, but not always the same as, 
"there is a new version".  

Is it possible that a feature enhanced version could be a suggested 
update until a security hole is discovered in the old version, then 
the new version becomes an update?  

If you make an administrative decision that five versions of FF is 
too many I won't complain.  



More information about the Mageia-dev mailing list