On Mon, 2008-10-13 at 01:40 +0000, Kevin Kofler wrote:
Why would we want to? Just let things going as long as there is at
least one
maintainer committing something. Even if not all security issues get fixed,
it's better than if none gets fixed.
I disagree with that very strongly.
If we present the _appearance_ of a distro with security updates, while
in fact there are serious security issues being unfixed, then that is
_much_ worse than the current "That distro is EOL. Upgrade before you
get hacked" messaging.
For anything to have the Fedora name on it, it _must_ have guaranteed
security fixes for at least the highest priority issues.
(That's not a decree; I'm not in a position to make such. It's just
common sense.)
--
David Woodhouse Open Source Technology Centre
David.Woodhouse(a)intel.com Intel Corporation