Re: webapps in stable release cyles Was: flashplugin-nonfree in Debian

[Romain Beauxis <toots@rastageeks.org>]

	Hi !

Le Wednesday 22 April 2009 09:07:58 Jan Wagner, vous avez écrit :
> > I've requested a slot at DebConf to discuss this into detail, though
> > feel free to start a discussion already on debian-devel.
>
> sorry for coming around with another issue. While reading your comment
> without giving any details about your ideas, I don't know if our problem
> maybe related, sorry if not.
> There are many packages, which are frequently removed from testing right
> before the release, cause of (potential) security issues and not getting in
> worries with the security team. Other packages may be obsoleted by upstream
> and lose their support.
> This is often the case for web applications. We had something in mind we
> summarized at http://wiki.debian.org/Proposals/Webapps.

I also believe this is an interesting proposal. 

Additionally, even though webapps upstream can provide a bugfix release with 
only security-related fixes, due to the nature of the security issues in 
webapps, this can also mean hudge changes which are not easy at all to review 
for a security upload. This is was the case for the latest security upload of 
mediawiki (version 1:1.12.0-2lenny3).

However, I wonder if this would need yet another archive, or just an update of 
a policy, either in backports.org or volatile..

Romain