Security fixes on plattform

29 views
Skip to first unread message

Nils Rückmann

unread,
Apr 14, 2012, 4:34:02 PM4/14/12
to joomla-...@googlegroups.com
As we never will use the latest version of the plattform, im wondering how we want to deal with security issues that belongs to the plattform.
Does the plattform provide patches for older versions, or would we have our own "patched" library ?

Rouven Weßling

unread,
Apr 14, 2012, 4:42:49 PM4/14/12
to joomla-...@googlegroups.com

On 14.04.2012, at 22:34, Nils Rückmann wrote:

> As we never will use the latest version of the plattform, im wondering how we want to deal with security issues that belongs to the plattform.
> Does the plattform provide patches for older versions, or would we have our own "patched" library ?

The JSST fixes security issues regardless of where they are and upstreams them as necessary. There are two platform maintainers (Christophe and me=) who are also on the JSST. Occasionally these fixes are discussed (privately) with the other platform maintainers, for example when API is changed or new API is introduced to make sure we don't cause backwards compatibility issues later on.

The platform doesn't yet offer security releases. This may happen down the road, but for now other downstream users are on their own.

Best regards
Rouven

Nils Rückmann

unread,
Apr 14, 2012, 4:48:49 PM4/14/12
to joomla-...@googlegroups.com
Thanks
Reply all
Reply to author
Forward
0 new messages