Re: Dreamhost dumps Debian
Russ Allbery writes ("Re: Dreamhost dumps Debian"):
> Yeah, I know. But the number of such exceptions is relatively limited,
> enough so that we can issue security advisories saying they're not
> supported any more. It's not a comfortable compromise, but it seems to be
> a workable one. The LTS security policy is quite a bit broader in its
> implications.
I think we need to do more than that. We need to arrange to
automatically disable affected software (by default). (And that has
to be done in a way that allows an affected user to re-enable it, and
which is sorted out properly on upgrade.)
Ian.
Reply to: