Re: spamassassin update
On Mon, 2015-02-02 at 14:12 +0800, Bret Busby wrote:
> On 02/02/2015, Matt Palmer <mpalmer@debian.org> wrote:
> > On Sun, Feb 01, 2015 at 09:49:15AM -0800, Noah Meyerhans wrote:
> >> Let me know if I should go ahead with this upload, or if anything else
> >> is needed.
> >
> > You should not go ahead with this upload.
> >
> >> diff -Nru spamassassin-3.3.1/debian/changelog
> >> spamassassin-3.3.1/debian/changelog
> >> --- spamassassin-3.3.1/debian/changelog 2013-03-12 08:06:16.000000000
> >> -0700
> >> +++ spamassassin-3.3.1/debian/changelog 2015-01-31 22:51:43.000000000
> >> -0800
> >> @@ -1,3 +1,11 @@
> >> +spamassassin (3.3.1-1.2) squeeze-lts; urgency=medium
> >> +
> >> + * Export perl_version to rules. (Closes: 771408)
> >
> > Based on my reading of that bug report, it is not an appropriate bug to be
> > addressed in a security update.
> >
>
> So, is the "LTS" only for security updates, and, not for fixing
> software problems?
>
> Clarification would be good, for we lay people - the users.
Bret,
Per https://wiki.debian.org/LTS
LTS: Long Term Support
LTS (Long Term Support) is a project for providing security patches
after oldstable reached its end of life.
It is important that LTS keep to these goals, as those users who depend
on this are looking for conservative changes to systems that have not
yet been able to be upgraded.
I'm sure there will be difficult calls in the months ahead, particularly
where the security part of a patch are difficult to disentagle, and may
be better-tested in a broader update. But while we find our feet, it
will be much easier to follow a rule of 'security' vs 'not security'
than any other broader standard of impact/severity.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Reply to: