Russ Allbery writes ("Re: Dreamhost dumps Debian"):
> Yeah, I know. But the number of such exceptions is relatively limited,
> enough so that we can issue security advisories saying they're not
> supported any more. It's not a comfortable compromise, but it seems to be
> a workable one. The LTS security policy is quite a bit broader in its
> implications.
I think we need to do more than that. We need to arrange to
automatically disable affected software (by default). (And that has
to be done in a way that allows an affected user to re-enable it, and
which is sorted out properly on upgrade.)
Ian.
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive:
http://lists.debian.org/[email protected]
