hi, as a preface: i really don't have any opinion about the particular issue of packaging stuff for wordpress. but:
On Wed, 2007-05-09 at 18:08 +1000, Russell Coker wrote:
> On Wednesday 09 May 2007 07:39, Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote:
> > In reality they'll be included unreviewed, the maintainer will lose
> > interest half a year after the stable release and the security team will
> > have to deal with all that junk every couple of months. So, don't do that.
>
> How do you think it would be different from typical Debian packages in this
> regard?
in the sense that most deadware floating in main is not as likely to be
remotely accessible and thus is not as likely to have remotely
exploitable security issues?
> It seems like a bad idea to avoid packaging software (thus losing the users
> the security benefits of the packaging) because of the potential for security
> issues.
from my limited experience/observations, i'll bet that debian security
folks (esp secure-testing) would beg to differ.
sean
signature.asc
Description: This is a digitally signed message part
