[pLog-svn] r6088 - plog/branches/lifetype-1.2/class/security

Andy myside at myside.mine.nu
Wed Jan 2 16:20:54 EST 2008



On Wed, 2 Jan 2008, Jon Daley wrote:

> On Wed, 2 Jan 2008, Andy wrote:
>> I was using a 1.1.x version that I was perfectly happy with and wanted to
>> maintain.  I bitched about it in a blog post:
>>
>> http://myspew.com/blog/mysides-spew/bullshit/2007/04/01/i-have-a-bone-to-pick-with-lifetype
>>
>> Please don't take it harshly.
>
> 	I am not sure if there is a way to take it non-harshly...
> We have fixed all security issues that we know of in 1.1, and I think 1.0.
> We didn't backport them to 0.3.2.
>
> 	Oscar probably humorously put in the note about the "feel free to
> drop in a donation if you want support", since I think the project has
> received less than $100 since its inception.  You can't expect life-long
> support for free - I wouldn't expect that from anything, and if you do,
> you probably don't want to stay with LifeType, as you won't end up happy
> with us, I think.

I made a $5 donation a couple months ago:
http://myspew.com/blog/mysides-spew/software/2007/10/02/just-a-little-monetary-support-shows-appreciation

That's all I could afford, but I hope it showed my appreciation.

I disagree with you.  If the project were to end, I have two years of PHP 
4 experience, among other associates.  I hope that never happens.  All of 
you are amazing, and if their is anything more I can do to help, please 
ask.

>
> 	Another note on your blog about centos being "supported" for seven
> years.  What they mean is, we promise not to change anything for years,
> and if you want to run newer versions of software to get features, bug
> fixes and/or security fixes, good luck.  I would not advise running centos
> on a system that you want to be able to stay up-to-date with *any*
> packages.  The company I do some contracting work for picked centos a
> while back and are now having huge difficulties in getting versions of
> various things to be current, and are hand-compiling different packages,
> since centos doesn't support them.

You can swith to RHEL 5 repositories for package updates. ;)  I know, 
CentOS will only support updates to the base repo and it's a pain in the 
arse to get required i386 libraries for compiling some specific 
applications.

> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>


More information about the pLog-svn mailing list