in this case, David has right.. there's no sense in made security patches for packages that changes dinamycally, a new backport maybe.. but now i know that squeeze are very obsolete and a backporting for jeese its a right way
2015-06-04 2:42 GMT-04:30 David Bremner <[email protected]>: > darktable is probably a good example of a package where even security > support doesn't make much sense. > > - The code is changing very quickly to support new camera hardware; > upstream already considers the version in Jessie obsolete. > > - It's consumer/desktop code. I guess there's no server infrastructure > depending on photo editing software. I'm just not that sympathetic to > the individual user who hasn't upgraded from squeeze. > > - The software is quite demanding; essentially it is barely functional > on 32 bit machines because of memory demands. So I doubt very much > there are many people running it on old computers. > > - The development version (for stretch) will actually be more secure, > since it eliminates libraw, a constant source of CVEs. > > about that: > My expectation when uploading a backport is to support it until the next > stable release. Sorry LTS people, but in this case your itch is not my > itch. If that's wrong, please let me know, and I'll think very carefully > about what I backport in the future. > I think this are too severe.. backporting make more flexible the time of usage for novel users that loves the stability and peace of installations (i still have a lenny laptop with some games for my children)
