>>>>> "SN" == Stefan Neufeind <fedora-legacy@xxxxxxxxxxxx> writes: SN> - To what degree would a newer version be allowed without the SN> backporting-hassle? That would be up to the maintainer. Extras has never promised stability in the same way that Core (or Legacy) has and it certainly isn't going to be up to the Extras security team to tell the maintainers what they can do. Of course everyone should expect that maintainers won't arbitrarily break everyone's systems with incompatible updates; that just isn't within the scope of the security team. SN> - How about joining forces with Fedora Legacy? There is a small amount of natural overlap for those packages that move from Core to Extras, and of course all assistance from any sides is appreciated. But it's important to note that there is a fundamental difference in how the teams operate: Legacy is actually doing the fixing, while the Extras security team exists to help the maintainers and actually fixing packages is a last resort when the maintainer is unresponsive. In that role the Extras security team could certainly felicitate communication between the maintainers and the Legacy team when it makes sense. - J<
