hi, as a preface: i really don't have any opinion about the particular issue of packaging stuff for wordpress. but: On Wed, 2007-05-09 at 18:08 +1000, Russell Coker wrote: > On Wednesday 09 May 2007 07:39, Moritz Muehlenhoff <jmm@inutil.org> wrote: > > In reality they'll be included unreviewed, the maintainer will lose > > interest half a year after the stable release and the security team will > > have to deal with all that junk every couple of months. So, don't do that. > > How do you think it would be different from typical Debian packages in this > regard? in the sense that most deadware floating in main is not as likely to be remotely accessible and thus is not as likely to have remotely exploitable security issues? > It seems like a bad idea to avoid packaging software (thus losing the users > the security benefits of the packaging) because of the potential for security > issues. from my limited experience/observations, i'll bet that debian security folks (esp secure-testing) would beg to differ. sean
Attachment:
signature.asc
Description: This is a digitally signed message part