Re: Suggestion: Release sarge without security support

To: Laszlo 'GCS' Boszormenyi <gcs@lsc.hu>
Cc: debian-release@lists.debian.org
Subject: Re: Suggestion: Release sarge without security support
From: Florian Weimer <fw@deneb.enyo.de>
Date: Mon, 22 Nov 2004 20:10:21 +0100
Message-id: <[🔎] 87wtwdvgwy.fsf@deneb.enyo.de>
In-reply-to: <[🔎] 20041122173847.GA26952@pooh> (Laszlo Boszormenyi's message of "Mon, 22 Nov 2004 18:38:47 +0100")
References: <[🔎] 87pt25yffq.fsf@deneb.enyo.de> <[🔎] 20041122173847.GA26952@pooh>

* Laszlo Boszormenyi:

>> Why can't we treat security support like a broken package, and remove
>> it if it isn't fixed by its maintainers?

>  Because you miss the point. You remove the package from the archive,
> and not from the users' system. So the users would be still vulnerable,
> and everyone would hate Debian.

I'm not suggesting to carry out security support by removing broken
packages (that's almost impossible after a release, as you correctly
noted).  I'm suggesting to drop security support as a whole, like a
package with a release-critical bug is removed from the release if it
isn be fixed by the maintainers (or someone else who has the
necessarily knowledge and authorization to implement a fix).

No security support means exactly what it says: doing nothing, not
even removing affected packages.

Reply to:

Follow-Ups:
- Re: Suggestion: Release sarge without security support
  - From: Matthias Urlichs <smurf@smurf.noris.de>

References:
- Suggestion: Release sarge without security support
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Suggestion: Release sarge without security support
  - From: Laszlo 'GCS' Boszormenyi <gcs@lsc.hu>

Prev by Date: Re: Suggestion: Release sarge without security support
Next by Date: Re: Suggestion: Release sarge without security support
Previous by thread: Re: Suggestion: Release sarge without security support
Next by thread: Re: Suggestion: Release sarge without security support
Index(es):
- Date
- Thread