Ray Johannsson wrote:
I was wondering if there's any sort of planned end-of-life date for when security patches will no longer be provided for Tomcat 5.5.x and 6.0.x ?
Nothing is certain since it all depends on how much effort the release managers are able / want to put in.
That said, as the RM for 4.1.x I see security fix support continuing for at least 2008. Beyond that? Depends if there is any sign on the users list of people still using it. I still see the odd message from a 4.1.x user and it isn't as if doing around a release a year is taxing.
5.5.x has around 100 open bugs that are slowly getting fixed. My guess is that these will be fixed in the next 12 months and then 5.5.x will move to releases only when there are security fixes. Bugs will probably still get fixed as well, but maybe not.
6.0.x will continue for a while. There are plans for a 6.2.x that will have some very minor API changes but, since they are API changes, we will call it 6.2.x. When this will happen? Don't know. Because the API changes are so minor and the upgrade path trivial for 99.99% of users then there is a small chance we will stop all support for 6.0.x at that point and move to 6.2.x. What actually happens will depend again on what people want to do, the size of the API change and if they think the effort of continuing to maintain 6.0.x is worth it.
We're upgrading from 5.0.x and I want to make sure we don't have to upgrade again for a while (ideally not until sometime in 2009).
I would go (and have gone) with 6.0.x, accept that there may be a change to 6.2.x but that you can almost certainly treat it like to 6.0.x to 6.0.x+1 upgrade. If this isn't the case then it is almost certain 6.0.x support will continue.
Bear in mind I am only one committer. The others may have very different views but I suspect their recommendation will be the same - go with 6.0.x.
HTH, Mark --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
