package stability

Stephen John Smoogen smooge at gmail.com
Thu Mar 8 23:57:27 UTC 2007


On 3/8/07, Patrice Dumas <pertusus at free.fr> wrote:
> On Thu, Mar 08, 2007 at 04:20:32PM -0600, Mike McGrath wrote:
> > Fedora extras supports a lifecycle that is less than two years.
> > Typically about 1 year.  EPEL is different, requiring many years.  If I
> > release nagios 2.7 right now in EPEL (which I have), I'll still be
> > maintaining it in 2010[1].  At which point in time nagios might not even
> > exist anymore, or it could be at version 5.3.  The fact is there is NO
> > way you're going to get me to do backports of it if a vulnerability is
> > found.  Its just not going to happen, mostly because I'm a terribly
> > crappy programmer.  Packagers != programmers.  Backporting requires
> > skilled labor which not everyone (including myself) will be able to do
> > for antient packages (which nagios 2.7 will be by 2010).
>
> Then maybe nagios isn't right for EPEL main, but better suited for
> EPEL 'plus'? Anyway it is not necessarilly you who will do the backport.
> Maybe you know that there are debian people who fix the security bugs,
> maybe there are people interested in the package, but not in fedora/RHEL
> who are willing to keep old versions. (by the way nagios is an app,
> isn't it?).
>

What package are you going to say that you will support for the next 7
years for multiple releases of RHEL [say 2.1,3.8,4.x,5.x with 7 years
for 5.x?]


-- 
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"




More information about the epel-devel-list mailing list