On 2010-01-22, Thiemo Nagel<thiemo.nagel@ph.tum.de> wrote:
The Security Team has discussed and stated before: If large institutions
want a longer support cycle for oldstable they should colloborate to fund
this externally. Supporting oldstable releases for two more years (i.e.
approx five years altogether and thus with the option to "skip" a release)
should be doable for a single person full time since most of the grunt
work (tracking, triaging and analysing issues, supporting the through the
life time of stable plus one year, etc.) is done by the existing Security
Team.