Le 27 août 2013 19:32, "Ian Jackson" <firstname.lastname@example.org> a écrit :
> Russ Allbery writes ("Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)"):
> > If we're going to offer meaningful security support, we have to have a
> > bug-fixer of last resort, and that's the party most stressed by extending
> > security support. Particularly since that for every year we extend it,
> > more maintainers will be uninterested in doing so for their own packages.
> This is for the the key point. In practice fairly few maintainers are
> going to be willing to put in extra effort for longer support - and
> particularly not in the cases where this is most difficult.
> So any proposal to do an LTS involves almost all of the extra security
> effort falling on the LTS security team. That we don't have an LTS
> security team composed of people willing to shoulder that burden is
> the reason we don't have an LTS. Statements that "maintainers should
> help out" are not encouraging.
> If it turns out that there are people who _do_ want to do that work,
> with a minimum of concrete help from maintainers, then of course that
> is to be encouraged.
> > Alternately, we could be far more aggressive about removing packages from
> > oldstable, I suppose, but I don't think that's a good idea; that just
> > leaves our users with exactly the sorts of choices that we're trying to
> > avoid. I think it's much cleaner and better for our users to offer full
> > security support and then retire the whole distribution at the same time.
> > It makes planning considerably easier, among other things.
> Worse: in practice, removing packages is invisible to the users and
> their package manager. The `removed' packages just remain,
> vulnerable, on the users' systems.
Why not un this case creating an empty package depending of an non existing package ?
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com
> Archive: firstname.lastname@example.org">http://email@example.com