On Fri, 8 May 2015 14:11:08 +0000 "Beachey, Kendric" <[email protected]> wrote: > My question...is RT 4.0.17 itself old enough that I really ought to upgrade > it as well?
Yes. 4.0.17 has published security vulnerabilities against it (CVE-2015-1464, CVE-2015-1165, CVE-2014-9472): http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html > I'd like to minimize the amount of surprise for the users via new > looks, so I'm wondering if there are any huge problems with staying > at 4.0.17. Upgrading within a stable series will never cause any major user-visible UI changes, and should never break installed extensions. Upgrades within a stable series (from 4.0.17 to 4.0.23, for instance) are designed to be no-hassle bugfixes and security fixes. If we feel a change has the potential to give an administrator reason to _not_ upgrade within a stable series, it is unsuitable for that trunk. Please upgrade. All of this is hopefully also made clear on release policy page: https://bestpractical.com/rt/release-policy.html - Alex
