On Sun, Apr 23, 2006 at 09:38:02AM +0200, jdd wrote: > playing with YOU and working with mediawiki, I noticed the > last YOU update was 1.4.x (with x=7, but I'm not sure of that) > > Mediawiki being at stable 1.6.3 I wondered if this was a > good choice.. I asked the mediawiki list and got the answer > below: mediawiki is maintained for approx 1 year. > > Given SUSE Linux is said to have security updates for two > years, I wonder what is going to be done. > > Will a Novell programmer make the necessary patches to 1.4? > will SUSE (YOU) provide upgrade to 1.5 or 1.6... giving I'm > stuck with the 1.6 upgrade :-)
We currently do this, yes: $ ls -l /work/SRC/old-versions/10.0/all/mediawiki -rw-r--r-- 1 root root 854 2006-03-30 14:35 MD5SUMS -rw-r--r-- 1 root root 42 2006-03-30 14:35 MD5SUMS.meta -rw-r--r-- 1 root root 358 2006-01-26 11:08 mediawiki-1.4.5-permission-fix.diff -rw-r--r-- 1 root root 399 2006-01-26 11:08 mediawiki-1.4.7-DoS-CVE-2006-0322.diff -rw-r--r-- 1 root root 443 2006-01-26 11:08 mediawiki-1.4.7-EditPage.diff -rw-r--r-- 1 root root 1162 2006-01-26 11:08 mediawiki-1.4.7-IE-XSS.diff -rw-r--r-- 1 root root 1604 2005-12-07 14:47 mediawiki-1.4.7-php4.4.1.diff -rw-r--r-- 1 root root 1485633 2006-01-26 11:08 mediawiki-1.4.7.tar.bz2 -rw-r--r-- 1 root root 2174 2006-01-26 11:08 mediawiki-1.4.7-xss-CAN-2005-2396.diff -rw-r--r-- 1 root root 1849 2006-01-26 11:08 mediawiki-1.4.7-xss-CVE-2005-4501.diff -rw-r--r-- 1 root root 3121 2006-01-26 11:08 mediawiki-1.4.7-xss-math.diff -rw-r--r-- 2 root root 1459 2006-03-28 13:24 mediawiki-1.4.7-xss-parser.diff -rw-r--r-- 2 root root 2155 2006-03-28 16:39 mediawiki.changes -rw-r--r-- 2 root root 4922 2006-03-30 14:35 mediawiki.spec -rw-r--r-- 1 root root 1140 2006-01-26 11:08 README.SuSE -rw-r--r-- 1 root root 0 2006-03-30 14:35 ready > php scripts are very sensitive materials. vulnerability > found there can severely impact a server. Just do not use them. ;) > But of course my question is not about mediawiki (I already > cope with this one :-), but more generally, giving the speed > of the working Linux flow, how is the update policy setup? > 10.0 is pretty fresh :-) 2 years of security updates, as with the dozen SUSE Linux releases before. Ciao, Marcus --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
