Dmitry Smirnov <[email protected]> writes: > As far as we're aware even latest of 1.8 series still have unresolved > security > vulnerabilities that are fixed in 2.x.
Are there additional issues besides #683273? I suggest filing bugs for them in Debian's BTS to make sure they are dealt with before the release. > Christoph knows more about it. Recently he mentioned that 1.8 has several > security vulnerabilities that can't be fixed because the Zabbix developers > are > unable to backport the fix. > > If so we'd better upgrade to 2.x rather than being stuck with insecure 1.8 or > experience delays with regards to security updates. Wouldn't we have the same problem later even if we include 2.0.x in Wheezy now? > At the moment because of freeze policy it is not clear if we will be able to > make 2.x to Wheezy or if Wheezy will be released with 1.8.11. Releasing with a version that has known security issues seems like a bad idea. Ansgar -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
