| 1 |
В Втр, 17/08/2010 в 11:27 +0200, Alex Legler пишет: |
| 2 |
> but as for removing the old versions, that's something we usually ask |
| 3 |
> people to do after bumping packages with security issues to minimize |
| 4 |
> the risk of people installing possibly vulnerable versions. |
| 5 |
|
| 6 |
I agree with removal but not immediately. Personally I already had |
| 7 |
issues with another web application: it worked in my installation, but |
| 8 |
people were unable to use it after security fix. Since having vulnerable |
| 9 |
but working installation is better then "fixed" but broken, I'd rather |
| 10 |
always kept old versions for some time. Also it's not a big problem to |
| 11 |
have old versions in the tree since you have to specify version number |
| 12 |
explicitly to install them... |
| 13 |
|
| 14 |
-- |
| 15 |
Peter. |
Archives