Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

To: Ian Jackson <ijackson@chiark.greenend.org.uk>
Cc: Debian Devel List <debian-devel@lists.debian.org>
Subject: Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
From: Bastien ROUCARIES <roucaries.bastien@gmail.com>
Date: Tue, 27 Aug 2013 22:14:54 +0200
Message-id: <[🔎] CAE2SPAYTZhxVRVAYhSJbhihhkk-=NBLWyUOD_X5O7zQLwvpTSw@mail.gmail.com>
In-reply-to: <[🔎] 21020.58018.931259.723439@chiark.greenend.org.uk>
References: <[🔎] 1376942753-sup-2696@fewbar.com> <[🔎] m3y57xjsg6.fsf@neo.luffy.cx> <[🔎] 20130820000440.GA25760@falafel.plessy.net> <[🔎] 20130826093106.149379kk0chnydkq@mail.das-netzwerkteam.de> <[🔎] 521B1C71.6070806@balintreczey.hu> <[🔎] 20130826103301.GP5936@halon.org.uk> <[🔎] 521BEECC.9060203@debian.org> <[🔎] 20130827085613.GA10599@feivel.credativ.lan> <[🔎] CAKcBoksYFzMkRCJztoCdwNadtvbtnmny1D48yooUpJhS1MicUw@mail.gmail.com> <[🔎] 1377600118.16071.33.camel@deadeye.wl.decadent.org.uk> <[🔎] 20130827120944.GA10917@halon.org.uk> <[🔎] CAKcBokv8PbDe1_uak-qGrwC2QH1rMLpZNtD6hyBdG0Oq9YyqZg@mail.gmail.com> <[🔎] 87ppszjblu.fsf@windlord.stanford.edu> <[🔎] 21020.58018.931259.723439@chiark.greenend.org.uk>

Le 27 août 2013 19:32, "Ian Jackson" <ijackson@chiark.greenend.org.uk> a écrit :
>
> Russ Allbery writes ("Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)"):
> > If we're going to offer meaningful security support, we have to have a
> > bug-fixer of last resort, and that's the party most stressed by extending
> > security support. Particularly since that for every year we extend it,
> > more maintainers will be uninterested in doing so for their own packages.
>
> This is for the the key point. In practice fairly few maintainers are
> going to be willing to put in extra effort for longer support - and
> particularly not in the cases where this is most difficult.
>
> So any proposal to do an LTS involves almost all of the extra security
> effort falling on the LTS security team. That we don't have an LTS
> security team composed of people willing to shoulder that burden is
> the reason we don't have an LTS. Statements that "maintainers should
> help out" are not encouraging.
>
> If it turns out that there are people who _do_ want to do that work,
> with a minimum of concrete help from maintainers, then of course that
> is to be encouraged.
>
> > Alternately, we could be far more aggressive about removing packages from
> > oldstable, I suppose, but I don't think that's a good idea; that just
> > leaves our users with exactly the sorts of choices that we're trying to
> > avoid. I think it's much cleaner and better for our users to offer full
> > security support and then retire the whole distribution at the same time.
> > It makes planning considerably easier, among other things.
>
> Worse: in practice, removing packages is invisible to the users and
> their package manager. The `removed' packages just remain,
> vulnerable, on the users' systems.

Why not un this case creating an empty package depending of an non existing package ?
>
> Ian.
>
>
> --
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 21020.58018.931259.723439@chiark.greenend.org.uk">http://lists.debian.org/[🔎] 21020.58018.931259.723439@chiark.greenend.org.uk
>

Reply to:

Follow-Ups:
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>

References:
- Re: Dreamhost dumps Debian
  - From: Clint Byrum <spamaps@debian.org>
- Re: Dreamhost dumps Debian
  - From: Vincent Bernat <bernat@debian.org>
- Re: Dreamhost dumps Debian
  - From: Charles Plessy <plessy@debian.org>
- Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Balint Reczey <balint@balintreczey.hu>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Neil McGovern <neilm@debian.org>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Thomas Goirand <zigo@debian.org>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Michael Meskes <meskes@debian.org>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Pau Garcia i Quiles <pgquiles@elpauer.org>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Neil McGovern <neil@halon.org.uk>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Pau Garcia i Quiles <pgquiles@elpauer.org>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Russ Allbery <rra@debian.org>
- Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>

Prev by Date: Re: Custom Reload command/signal in upstart
Next by Date: Re: Dreamhost dumps Debian
Previous by thread: Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
Next by thread: Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)
Index(es):
- Date
- Thread