[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#672695: wordpress: no sane way for security updates in stable releases

Jon Dowland wrote:
>On Sun, May 13, 2012 at 11:13:05AM +1000, Russell Coker wrote:
>> On Sun, 13 May 2012, Bernd Zeimetz <bernd@bzed.de> wrote:
>> > Being forced to upgrade to a new major version by a stable security support
>> > is nothing we should force our users to. Debian stable is known for
>> > (usually) painfree updates and bugfixes only, not for shipping completely
>> > new versions with a forced migration. Therefore - in my opinion - we
>> > should not ship wordpress in Wheezy, at least not until upstream handles
>> > such issues in a sane way.
>> 
>> Forcing users to manually install and update it or to use a package from 
>> outside Debian are also options that aren't good for users.
>
>If we can't provide stable packages then I don't see what value we add by
>packaging it at all.  I wonder what the ratio of wordpress+debian users is
>who use the package versus those that hand-install anyway, and whether that
>is something that could ever be feasibly estimated.

Yes, it's difficult to work out. I'd also be worried by the
(potential?) set of users who may just use Wordpress because it's
already packaged and who therefore assume that it's likely to be a
safe option. Without that, they may just use something else.

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
"You can't barbecue lettuce!" -- Ellie Crane
Reply to: