Gentoo Archives: gentoo-dev

From: Pacho Ramos <pacho@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] rfc: stabilization policies
Date: Wed, 21 Aug 2013 11:19:49
Message-Id: 1377083970.4384.7.camel@localhost
In Reply to: Re: [gentoo-dev] rfc: stabilization policies by Tom Wijsman
1 El mié, 21-08-2013 a las 11:16 +0200, Tom Wijsman escribió:
2 [...]
3 > That's not what I am suggesting.
4 >
5 > It is not about bringing in new versions, but about getting rid of
6 > OLD versions which LIKELY contain MORE security problems than you
7 > imagine. Keeping them around for too long time isn't reasonable...
8 >
9
10 I agree with seeing this problem, I guess it occurs because we
11 (maintainers) usually forget about dropping old versions once last arch
12 is done (probably because usually it takes long time to get all arches
13 done). Maybe allowing all parties (maintainers, security and last arch
14 team) cleanup old version could help :/ (I guess, there is no way to
15 automatically notify maintainers about last arch doing the stabilization
16 and, then, letting us drop it)