Le 2014-10-01 11:25, Thorsten Glaser a écrit :
On Wed, 1 Oct 2014, Sylvain Beucler - Inria wrote:
Debian also has this horrible thing called "non-upstream patch" which is also
known worldwide as the OpenSSL predictable random number generator
vulnerability ;)
Yeah ;-)
So I'd recommend considering the upstream PoV first, and then let it flow down
to distros (rather than the other way around).
You’re free to do that. I’ll be uploading Mediawiki 1.23 to Debian.
It’s your choice if that Breaks: fusionforge, then, if FF does not
support it…
I'm talking to you as a FusionForge contributor.
There's no "you're free" or "your choice", it's "we/our", you included.
So what do you mean?
I’ll ask before uploading a patched FF to Debian experimental, of
course.
A wheezy-backports upload may smooth things, as long as the changes in
MediaWiki itself aren't invasive.
If they’re not invasive, FF doesn’t need to be patched.
I mean from the user PoV, they already got an unexpected stable-release
change with the rebuilding of SCM stats, so I'll be careful about
introducing a new MediaWiki.
I will not be supporting a backport of mediawiki. It’s enough
maintenance work already, and not tested enough (I broke one
security upload completely, and do not want a repeat of that).
_______________________________________________
Fusionforge-general mailing list
Fusionforge-general@lists.fusionforge.org
http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-general
