[owncloud-devel] ownCloud 6 security support, and 7 timeframe
david at tilapin.org
Thu Apr 3 01:40:38 GMT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hi ownCloud developers,
Le 26/03/2014 13:28, Klaas Freitag a écrit :
> On 26.03.2014 17:25, Thomas Müller wrote:
>> I honestly question if ownCloud should be release under the scope of Debian main.
>> We are a volatile project and we will ship releases faster than Debian.
> This is of course not a "debian only" problem, other distros have the
> same issue. I am also lacking the great idea how to solve that.
Most projects ship releases “faster than Debian” (luckily), that
shouldn’t prevent anyone to provide long time service for a (selected)
branch of one project. For example the Linux project releases often, a
lot, and most major versions have a way shorter lifetime than ownCloud.
That doesn’t prevent Linux to offer a few longterm versions (and
ownCloud doesn’t even have to bother with support of new hardware ;).
We wouldn’t expect ownCloud to provide backports of new features or bug
fixes, we would “just” welcome (help with) backports of security fixes.
Since ownCloud usually discloses and documents properly [1,2] the
security issues and fixes, I’d be happy to (get some help in order to)
integrate the needed fixes into the stable branch that would be shipped
with Debian Jessie (possibly version 7). Don’t you believe it would be
possible (we’d be aiming at supporting the security of the stable7
branch about two years after its targeted lifetime)?
e.g., 1: http://owncloud.org/about/security/advisories/oC-SA-2013-028/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the Devel