On Tue, 2010-03-02 at 18:08 +0100, Thomas Moschny wrote: > > you can try and cherry-pick security updates, but then you get the > > problem where initial release has Foobar 1.0, then Foobar 3.5 gets > > shipped in updates, then a security problem emerges and Foobar 3.5-2 > > with the security fix gets shipped in updates. You now have a choice of > > unsecure Foobar 1.0, or completely new version Foobar 3.6. > > Yes, and that will always be the case unless you are hiring a lot of > developers to backport security fixes. Oh wait ... isn't that what > RHEL is about? Other distributions manage this perfectly well without egregious version bumps. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel