Re: Incorrect information in security tracker regarding the mahara package
On 10/22/09, Francois Marier wrote:
> I'm one of the upstream developers (and the author of the advisory), but
> yes, we did review both 1.0 and 1.1 but only found the problem to be present
> in version 1.1.
thank you very much for the info. i have updated the tracker.
> Both 1.0 and 1.1 are supported upstream, though the 1.0 series only gets
> security fixes.
if only 1.0 is security-supported upstream is it potentially a bad
idea to include 1.1 in squeeze since we need to be able to provide
full security support throughout the lifetime of that release?
mike
Reply to: