Re: php vulnerabilities
On Wed, Dec 22, 2004 at 09:07:34AM -0500, Michael Stone wrote:
> On Wed, Dec 22, 2004 at 03:03:29PM +0100, Florian Weimer wrote:
> >My best guess is that things are fine until Debian is the last guy
> >left in town, and no one else (upstream, other vendors) support the
> >version in stable. Is this correct?
> Mostly. Unfortunately, that is increasingly the case as debian's release
> cycles stay long and those of other desktop-oriented distributions grow
> shorter. (Server-oriented stuff like RH's enterprise edition has a long
> release cycle but *much* less software.)
BTW, I suspect RHE has a more relaxed policy for security, i.e. major
upgrades are allowed when patching obsolete programs is impractical.
Francesco P. Lovergine