Re: Wordpress in etch
Steve Langasek wrote:
> Security Team,
>
> On Mon, Mar 05, 2007 at 10:27:00PM +0000, Kai Hendry wrote:
> > As micah suggests I will offer a "firm commitment to actually making
> > the security updated packages when the hole comes out, and even drafting
> > the DSA and delivering it to the security team on a silver platter) and
> > if it becomes untenable I will support the removal"
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We can't sanely remove a package from a stable release.
> > Below is the last email from upstream confirming support.
>
> Is this satisfactory? Should this bug be closed?
No, I still believe it's not supportable over the course of a stable
release and has security issue too frequently.
Instead of focusing on each one's pet package we need to look at the
big picture. Maintaining security support for a distribution of the
size of Debian is already difficult enough.
If there's user interest in Wordpress, I recommend to maintain it through
volatile.
EOD for me.
PS: I need to correct my earlier remark. Even Gentoo ceased security support
for Wordpress (and they don't even do backports):
http://bugs.gentoo.org/show_bug.cgi?id=168529
Cheers,
Moritz
Reply to: