On Fri, Apr 01, 2016 at 05:28:32PM -0700, Nish Aravamudan wrote: > For a few packages, our best (only) option is to update major versions > to get PHP7 support [the alternative being dropping them from the > archive]. The three I have hit so far are:
> drupal7 [drupal8] (7.41 -> 8.0.5) I think it is a mistake to add drupal8 to our archives. No one has tended to existing versions: http://people.canonical.com/~ubuntu-security/cve/pkg/drupal6.html http://people.canonical.com/~ubuntu-security/cve/pkg/drupal7.html Anyone installing drupal from our archives is getting something that we know is old and has security issues. Packaging drupal is providing negative value to our users. If someone absolutely must run drupal, they'd be best served to run an upstream tarball. Then it is clear who has the burden of following updates. Unless someone has a serious committment to SRUing every single upstream update for the life of 16.04 LTS I think we'd be better off dropping drupal entirely. Thanks
signature.asc
Description: Digital signature
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
