Steve Langasek wrote: > Security Team, > > On Mon, Mar 05, 2007 at 10:27:00PM +0000, Kai Hendry wrote: > > As micah suggests I will offer a "firm commitment to actually making > > the security updated packages when the hole comes out, and even drafting > > the DSA and delivering it to the security team on a silver platter) and > > if it becomes untenable I will support the removal" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We can't sanely remove a package from a stable release. > > Below is the last email from upstream confirming support. > > Is this satisfactory? Should this bug be closed? No, I still believe it's not supportable over the course of a stable release and has security issue too frequently. Instead of focusing on each one's pet package we need to look at the big picture. Maintaining security support for a distribution of the size of Debian is already difficult enough. If there's user interest in Wordpress, I recommend to maintain it through volatile. EOD for me. PS: I need to correct my earlier remark. Even Gentoo ceased security support for Wordpress (and they don't even do backports): http://bugs.gentoo.org/show_bug.cgi?id=168529 Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]