a plan for updates after end of life
Patrice Dumas
pertusus at free.fr
Sat Feb 9 18:12:44 UTC 2008
On Sat, Feb 09, 2008 at 11:36:00PM +0530, Rahul Sundaram wrote:
>
> It is possible for volunteer based projects to give a better timeframe than
> merely a ad-hoc maintenance policy. We need to do this in a more organized
> way for end users to take advantage of this. If say the kernel or ssh isn't
> maintained and has security issues, would it really be useful for some of
> the other core packages to get updates?
Since they are in the Core+Base comps group, if one of these packages
isn't maintained anymore the whole branch is dropped (as said in my
proposal).
> How do we really know that? I don't think anybody has really looked at the
> man power required for doing just critical security fixes for a few months
> more.
If we have a maintainer ready to do that for the Core+Base package this
would already be very nice. We could expand our promises if it works
well, but currently I think that a no warranty proposal like the one I
propose is better.
--
Pat
More information about the devel
mailing list