1 |
21.08.2013 12:17, Tom Wijsman пишет: |
2 |
> On Wed, 21 Aug 2013 11:57:22 +0400 |
3 |
> Sergey Popov <pinkbyte@g.o> wrote: |
4 |
> |
5 |
>> 20.08.2013 23:42, Tom Wijsman пишет: |
6 |
>>> On Tue, 20 Aug 2013 14:29:09 -0400 |
7 |
>>> Wyatt Epp <wyatt.epp@×××××.com> wrote: |
8 |
>>>> What manner of bitrot? |
9 |
>>> |
10 |
>>> They might ... |
11 |
>>> |
12 |
>>> 2. ... contain security bugs that later versions have fixed. |
13 |
>> |
14 |
>> There should be security bug on our bugzilla with quick stabilization |
15 |
>> on it and(probably) GLSA. |
16 |
> |
17 |
> Not all security bugs are visible; the older a piece of software, the |
18 |
> higher the chance that some people know about one or another exploit |
19 |
> that the rest of the world does not know about. |
20 |
> |
21 |
|
22 |
True. But blindly bringing new versions into stable(without testing) |
23 |
cause it POSSIBLY(without ChangeLog notes or CVES or whatever) contains |
24 |
LESS security problems is not an option. Stable should be reasonable |
25 |
|
26 |
-- |
27 |
Best regards, Sergey Popov |
28 |
Gentoo developer |
29 |
Gentoo Desktop Effects project lead |
30 |
Gentoo Qt project lead |
31 |
Gentoo Proxy maintainers project lead |