On Mon, Dec 6, 2010 at 12:57 PM, Stephen John Smoogen <smooge(a)gmail.com> wrote:
On Mon, Dec 6, 2010 at 13:38, Jeff Sheltren <jeff(a)osuosl.org>
> On Tue, Nov 30, 2010 at 12:53 PM, Stephen John Smoogen <smooge(a)gmail.com>
>> I plan to EOL mediawiki for the EPEL releases for EL-4,5,6 due to
>> packaging newer ones using mediawiki114,mediawiki115, mediawiki116.
> As far as I can see, 1.14 is not supported upstream. How do you
> propose handling security issues with that version? How will you
> handle the transition from 1.15 when that loses upstream support?
I do not plan to handle security issues.
Are other people worried about EPEL shipping/maintaining packages with
known security issues? Even with a big "DON'T USE THIS PACKAGE" in
the package description and/or README file, I'm sure that there will
be those that install it. This doesn't seem like a very responsible
thing for us to do in general.