Hi all, On Mon, 19 Sep 2011 03:43:14 -0500, James Bennett <ja...@b-list.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Raphael Hertzog wrote: >> The last 2 release (besides the current one) are security maintained, >> aka 1.1 and 1.2. Since 1.1 has not seen any update, it means it's not >> affected and thus 1.0 isn't as well. >> >> But we can verify this. I'm ccing James Bennett, the Django release >> manager. Can you confirm what I said, James? > > I have a subscription that already gets me on these bugs :) > > Anyway, our policy is that the most recent release (1.3) gets both > security and general bug fixes, while the release prior to it (1.2) gets > only security. We don't support anything older than that. > > That means we no longer support 1.1 or earlier versions in any official > way. I'm quite certain that at least some of the security issues > (especially the URLField problems) are present in 1.1.
Is work in progress on updates for squeeze and lenny of Django for these issues? thanks, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
