1 |
В Втр, 17/08/2010 в 11:27 +0200, Alex Legler пишет: |
2 |
> but as for removing the old versions, that's something we usually ask |
3 |
> people to do after bumping packages with security issues to minimize |
4 |
> the risk of people installing possibly vulnerable versions. |
5 |
|
6 |
I agree with removal but not immediately. Personally I already had |
7 |
issues with another web application: it worked in my installation, but |
8 |
people were unable to use it after security fix. Since having vulnerable |
9 |
but working installation is better then "fixed" but broken, I'd rather |
10 |
always kept old versions for some time. Also it's not a big problem to |
11 |
have old versions in the tree since you have to specify version number |
12 |
explicitly to install them... |
13 |
|
14 |
-- |
15 |
Peter. |