[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: wordpress packages


as a preface: i really don't have any opinion about the particular issue
of packaging stuff for wordpress.  but:

On Wed, 2007-05-09 at 18:08 +1000, Russell Coker wrote:
> On Wednesday 09 May 2007 07:39, Moritz Muehlenhoff <jmm@inutil.org> wrote:
> > In reality they'll be included unreviewed, the maintainer will lose
> > interest half a year after the stable release and the security team will
> > have to deal with all that junk every couple of months. So, don't do that.
> How do you think it would be different from typical Debian packages in this 
> regard?

in the sense that most deadware floating in main is not as likely to be
remotely accessible and thus is not as likely to have remotely
exploitable security issues?

> It seems like a bad idea to avoid packaging software (thus losing the users 
> the security benefits of the packaging) because of the potential for security 
> issues.

from my limited experience/observations, i'll bet that debian security
folks (esp secure-testing) would beg to differ.


Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: