On 31 Jan 2011, at 21:09, Noah Slater wrote: > > On 31 Jan 2011, at 15:05, Nils Breunese wrote: > >> I saw CouchDB 1.0.2 fixes a security issue. Am I right that 0.11.x won't get >> this fix? Is there an official statement somewhere on what 'series' of >> releases are currently supported? > > I would have said that anything we list on the downloads.html page is a > support version. That means that those versions should receive back-ports for > bugs and security issues. I notice that this has not happened for the 1.0.2 > release and the subsequent security announcement. I can only infer that the > pre-1.0 line is no longer supported and should be removed from this page. > > Thoughts, anyone?
It looks we dropped the ball here. Here's how I think it went: IMHO, the general rule is supporting the current and previous release. We have referred to that rule in the past. I'm not sure that is written down anywhere though. I think this is a good policy either way. We planned to have 1.0.2 and 1.1.0 come out at roughly the same time. As a result, I didn't bother backporting the required patches to the 0.11.x line, effectively ending support. Now 1.0.2 is out and 1.1.0 isn't just yet (I hope soon though) so we effectively broke the rule. I'll look into backporting the required patches to 0.11.x so people can at least do manual fixes. Does that sound like a sensible scenario? Cheers Jan --
