[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#672695: wordpress: no sane way for security updates in stable releases

On Sun, 2012-05-13 at 09:55 +0100, Jon Dowland wrote:
> On Sun, May 13, 2012 at 11:13:05AM +1000, Russell Coker wrote:
> > On Sun, 13 May 2012, Bernd Zeimetz <bernd@bzed.de> wrote:
> > > Being forced to upgrade to a new major version by a stable security support
> > > is nothing we should force our users to. Debian stable is known for
> > > (usually) painfree updates and bugfixes only, not for shipping completely
> > > new versions with a forced migration. Therefore - in my opinion - we
> > > should not ship wordpress in Wheezy, at least not until upstream handles
> > > such issues in a sane way.
> > 
> > Forcing users to manually install and update it or to use a package from 
> > outside Debian are also options that aren't good for users.
> If we can't provide stable packages then I don't see what value we add by
> packaging it at all.  I wonder what the ratio of wordpress+debian users is
> who use the package versus those that hand-install anyway, and whether that
> is something that could ever be feasibly estimated.

The value is the same as for most packages: it's easy to install and
easy to upgrade (I assume; I don't use Wordpress).  Yes, the expected
stability is lost.  But I suspect many of our users would be happier
with up-to-date applications and a stable core.  Of course, for any
application that we expect to receive more substantial updates during a
stable release, this does need to be documented.


Ben Hutchings
The two most common things in the universe are hydrogen and stupidity.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: