Russ Allbery writes ("Re: Dreamhost dumps Debian"):
> Yeah, I know. But the number of such exceptions is relatively limited,
> enough so that we can issue security advisories saying they're not
> supported any more. It's not a comfortable compromise, but it seems to be
> a workable one. The LTS security policy is quite a bit broader in its
> implications.
I think we need to do more than that. We need to arrange to
automatically disable affected software (by default). (And that has
to be done in a way that allows an affected user to re-enable it, and
which is sorted out properly on upgrade.)
Ian.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/21012.42837.594440.318...@chiark.greenend.org.uk
