[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Dreamhost dumps Debian

Russ Allbery writes ("Re: Dreamhost dumps Debian"):
> Yeah, I know.  But the number of such exceptions is relatively limited,
> enough so that we can issue security advisories saying they're not
> supported any more.  It's not a comfortable compromise, but it seems to be
> a workable one.  The LTS security policy is quite a bit broader in its
> implications.

I think we need to do more than that.  We need to arrange to
automatically disable affected software (by default).  (And that has
to be done in a way that allows an affected user to re-enable it, and
which is sorted out properly on upgrade.)


Reply to: