On Mon, Aug 2, 2010 at 7:35 PM, Ryan Lane <rlane32(a)gmail.com> wrote:
Are they also backporting security fixes for all
extensions as well?
I would assume that Debian, ideally, applies security patches for
extensions they distribute themselves. Programs a user has installed
outside the Debian system are always going to be the responsibility of
the user.
Of course, if Debian upgraded their "stable" version of Mediawiki to
the newest version, and my production server was running a custom
extension that only worked with the previous version of Mediawiki that
Debian called "stable", I'd be pissed.
If Debian doesn't feel they should keep supported
versions in their
repos, maybe they shouldn't distribute MediaWiki.
That is, seriously, an absurd attitude for a Mediawiki Developer to
have. It reflects a fundamental misunderstanding of the meaning of
Debian's "stable version" system.
Note that Debian stood up to Mozilla corp. when Mozilla attempted to
stop Debian uploading security patches to stable versions [1]. Surely
Mediawiki would have much less persuasive power telling them to stop.
I'm exiting of this discussion at this point. I've made the point I
wanted to make, compelling or not, and I'm afraid I'm drifting off
topic.
- Carl
[1]:
http://en.wikipedia.org/wiki/Mozilla_Corporation_software_rebranded_by_the_…