Martin Pauly wrote:
Am 09.09.2017 um 17:56 schrieb Michael Ströder:
No matter what improvements a new version brings, you almost always want to have a stable, secure environment you can build your next enhancement on.
quite pracitcal: my current, well running instance minus newly discovered security issues. Cf. my other post about why selective security-only updates would make sense for many productive sites.
You stripped my response text completely and you're basically missing the point. Upstream developers often do provide minimal updates but distributions (especially Debian) fall way behind the releases which leads to insanely large update gaps. They try to "fix" that by back-porting patches claiming that these old but patched releases are more "stable" (without giving a clear definition of "stable"). IMO this approach neither is stable nor secure. Repeating this "stable" claim over and over does not make it become true. And it wastes a lot of time. Ciao, Michael.