[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: a plan for updates after end of life

On Sat, Feb 09, 2008 at 11:36:00PM +0530, Rahul Sundaram wrote:
> It is possible for volunteer based projects to give a better timeframe than 
> merely a ad-hoc maintenance policy. We need to do this in a more organized 
> way for end users to take advantage of this. If say the kernel or ssh isn't 
> maintained and has security issues, would it really be useful for some of 
> the other core packages to get updates?

Since they are in the Core+Base comps group, if one of these packages
isn't maintained anymore the whole branch is dropped (as said in my

> How do we really know that? I don't think anybody has really looked at the 
> man power required for doing just critical security fixes for a few months 
> more.

If we have a maintainer ready to do that for the Core+Base package this
would already be very nice. We could expand our promises if it works
well, but currently I think that a no warranty proposal like the one I
propose is better.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]