Re: Policy regarding security support for 0.96
On Wed, Aug 27, 2008 at 11:43 AM, David Spreen <[EMAIL PROTECTED]> wrote: > As you might know, 1.0 will come too late for Debian Lenny (unless we > will get a freeze exception which at this time seems rather unlikely). > Since Security is important to Debian, I wondered if there is a policy > as to how long old stable releases (in this case 0.96) will receive > security support. First, we'll release security fixes at least until the 1.2 release, and possibly longer if someone is interested enough to volunteer to help us backport fixes. This'll probably happen; it's not a large amount of work. However: is there anything we can do to get an exception for 1.0 in Lenny? I know bupkiss about the Debian process, but obviously getting 1.0 into Lenny would be pretty sweet for us. If there's anything I can do to help make that happen, please point me in the right direction! Jacob --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~--~~~~--~~--~--~---
Re: Policy regarding security support for 0.96
On Wed, Aug 27, 2008 at 12:43 PM, David Spreen <[EMAIL PROTECTED]> wrote: > > Hello, > > I am a member of the Debian Python Modules Team and have been heavily > involved in the transition to Django 1.0 in Debian (1.0~beta2 is about > to be uploaded to experimental). > > As you might know, 1.0 will come too late for Debian Lenny (unless we > will get a freeze exception which at this time seems rather unlikely). > Since Security is important to Debian, I wondered if there is a policy > as to how long old stable releases (in this case 0.96) will receive > security support. > > It says here: http://www.djangoproject.com/documentation/contributing/#reporting-security-issues security fixes will be developed for current and 2 previous releases. So 0.96 will certainly still get security fixes even after 1.0 is released. I believe that means fixes go into trunk, current latest release, and the 2 previous. That is at any rate what was done for the last announced security fix: http://groups.google.com/group/django-announce/browse_thread/thread/903d7c2af239ec42 Karen --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~--~~~~--~~--~--~---
Policy regarding security support for 0.96
Hello, I am a member of the Debian Python Modules Team and have been heavily involved in the transition to Django 1.0 in Debian (1.0~beta2 is about to be uploaded to experimental). As you might know, 1.0 will come too late for Debian Lenny (unless we will get a freeze exception which at this time seems rather unlikely). Since Security is important to Debian, I wondered if there is a policy as to how long old stable releases (in this case 0.96) will receive security support. All my best, David Spreen P.S.: I do not speak on behalf of the Debian Project or the Debian Python Modules Team. All opinions expressed in this post are my own. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~--~~~~--~~--~--~---
