В Втр, 17/08/2010 в 11:27 +0200, Alex Legler пишет: > but as for removing the old versions, that's something we usually ask > people to do after bumping packages with security issues to minimize > the risk of people installing possibly vulnerable versions.
I agree with removal but not immediately. Personally I already had issues with another web application: it worked in my installation, but people were unable to use it after security fix. Since having vulnerable but working installation is better then "fixed" but broken, I'd rather always kept old versions for some time. Also it's not a big problem to have old versions in the tree since you have to specify version number explicitly to install them... -- Peter.
