[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2



On 03/11/2013 10:49 AM, Didier 'OdyX' Raboud wrote:
a) we fail at releasing Moodle updates to unstable in a timely manner (and I
    have my share of the fault here);
b) we consequently fail at releasing Moodle security updates to wheezy in a
    timely manner (this unblock is opened for almost two months);
c) Moodle 2.2 is already not supported anymore by Moodle HQ for anything (not
    even security), according to [0];
    Furthermore on that point, as far as I can see, there is noone taking
    responsibility to handle Moodle 2.2 security on the long term (Moodle in
    Wheezy will need to be security-handled for roughly three years, yet it is
    _already_ not supported).
d) there is (in my opinion) not enough people behind the maintenance of
    Moodle-in-Debian: Thomas is a good DM, but he's mostly alone, and I'm not
    willing to get more involved.

So as much as I find that unfortunate, I think that the best solution for all
of Moodle, Moodle-in-Debian and Debian, is to not ship Moodle 2.2 in Wheezy.

Thomasz, as you're the actual de-facto maintainer, please voice your opinion
as I have voiced mine: the decision is in the hands of the Release Team I
guess.

I have exactly the same concerns. Security fixes has been released for Moodle 2.2 today. I could cherry pick the patches and we could close this bug - not a big deal. They will probably be another security update for Moodle this year but that's it.

Realistically speaking there is no way I can maintain security fixes for non-supported (by upstream) software this size.

I have put Moodle 2.2 into Wheezy as that's the only possible upgrade path for Moodle (1.9 -> 2.2 -> 2.3+).

By not shipping 2.2 in wheezy, we will break the upgrades for any current users. I don't see any other option though. There are talks in Moodle about making LTS version (e.g. 2.6LTS) - and that's probably the only reasonable way to maintain a high quality package like this in Debian.

+1 for not shipping 2.2, breaking the upgrade path for this package, start from 2.5 (or higher) in unstable and provide Moodle LTS editions in Debian stable only.

Tomek


Reply to: