Am Montag, dem 17.07.2023 um 18:12 +0200 schrieb Lennart: > Hi Markus, > > Thanks for your reply. What is the LTS team's policy for security bugs? > Under which conditions are packages upgraded and under which conditions > are current versions patched? Information about this would be especially > helpful if it's notably different from stable and oldstable.
This is decided case-by-case. It depends on the severity of the security vulnerability and the impact on reverse-dependencies. We try to avoid packaging new upstream releases for libraries or even whole computer languages but if there is no targeted fix for older versions and the software in question is unsupported upstream, we have to look at other solutions to address the problem. The policy for stable and oldstable is identical. Regards, Markus
signature.asc
Description: This is a digitally signed message part
