[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 3389-1] elasticsearch end-of-life

Vincent Bernat <bernat@debian.org> wrote:
> There are many tradeoffs recently with projects that do not want to
> provide a sensible security track for stable releases:
>  - always package the latest release (Chromium)

For chromium and iceweasel the vast amount of security issues doesn't leave
much other options.

elasticsearch isn't that category, they simply have chosen to be secretive
from now on and I don't see why we should cater to uncooperative upstreams
with special handling.

Hopefully we'll have PPAs/bikesheds soon, that seems like a proper candidate
for cases like that.


Reply to: