Am Fri, Aug 05, 2022 at 11:48:43AM +0200 schrieb Raphael Hertzog:
> Hello,
>
> On Wed, 03 Aug 2022, Sylvain Beucler wrote:
> > OpenStack: we tend not to support openstack beyond upstream's support, but
> > I'm having a hard time associating the components version with OpenStack's
> > major version; possibly other openstack packages (horizon, manila,
> > neutron...) are concerned; see also
> > https://access.redhat.com/support/policy/updates/openstack/platform/ ; if
> > somebody is more familiar with openstack, input would be appreciated :)
> > - keystone https://lists.debian.org/debian-lts/2020/05/msg00011.html
>
> FWIW, I got some private feedback from an LTS sponsor that they are still
> running Openstack on buster so it would be nice if we could try to support
> it this time around.
>
> The number of CVE on Openstack related packages seem to be low.
>
> Do you see any reason why we should not try to support it?
FWIW, I agree with Thomas's statement that the amount of security issues
in OpenStack has gone down significantly (and if there are any, they are
typically harmless as well).
Cheers,
Moritz
